Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi!We are using ISE to authenticate computers connecting to our LAN using EAP-TLS and share those authenticated identities over PxGrid with 3rd party products.The problem we are hitting is PxGrid shares those identities as user identities and not as ...
Hello,We have a SDA Fabric managed by our DNAC with our C9800 managing the underlay APs. The thing is we have configured different AP Zones to broadcast different set of SSIDs.Now we have the duty to deploy 800 APs, and we are looking for a way to in...
Hi,I am facing an issue on DNAC. I have the need to migrate an SSID from our old controller to the new C9800. This SSID is anchored to an old WLC which is not managed by me.Within DNAC I can only add a mobility peer if it is managed by DNAC (its a dr...
Hi, I have created an uSEG EPG with Intra-EPG Isolation enabled, as I do not want EPs to talk to each other inside this uSEG. This uSEG is also not part of the Preferred Groups, as I want to define any flow communication over a contract. I check and ...
Cisco DNAC does still not allow to configure non managed WLC as anchor. So the best solution as per now is to create a template (incluiding the anchor configuration for the SSID) and attach it everytime you provision the WLC with the concerned SSID f...
We are managing the WLC from the DNAC, as we have fabric and non fabric SSIDs configured on DNAC.The problem on this specific SSID is, everytime I provision the WLC it brings down the SSID and deletes the anchor configuration I did directly on the WL...
Hi, Yes VMM is integrated. And yes, if I try to communicate from VMM to Baremetal, Intra-EPG contract is not taken into account and it is just ignored. As seen with ELAM, VMM is then classified as on Base EPG instead in the uSEG. I can see ARP not go...
Understood. But now I did another test, which its result got me more confused. In the uSEG, I have now one baremetal server with vlan encap 2 and two vmware servers with vlan encap 3. Policies between vmware servers are being enforced as expected, ev...
Many thanks you both @Sergiu.Daniluk , @Robert Burns At least we have found the explanation. So as far as I understand, if I use MAC address attributes both policies will be enforced; the one which apply for traffic within the same subnet and the on...
