Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,
I am getting to grips with a TrustSec design for a large multi-service building LAN where I intend to segregate guest, building management services, CCTV, lighting, etc using SGTs. Components will be 3850 L2 access, 4500x L3 distribution/core, IS...
SW 3.0(0)A1(4)I've configured SSL initiation and noticed that a successful session is established despite no valid root CA cert installed on the ACE.Does client SSL just work regardless without any cert validation?
Sounds like an interesting / similar project Andy.
I would have planned to use Critical Authentication mode for the ISE down situation. I understand the existing cached SGT data is used until ISE is back.
http://www.cisco.com/c/en/us/td/docs/ios-xml/...
Generally I would say it is good practice to override the 75% maximum-reserved-bandwidth for an interface as long as you design the MQOS service-policy with a class that reserves a minimum ammount of bandwidth for routing and control traffic.I have s...
I agree that 0/0 should not be redistributed back in to EIGRP. However, to achieve failover/failback functionality between the sites you need to redistribute the default route into BGP with a different metric at each PE.This will always give priority...
