Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- :
- About Alex Pfeil
08-21-2019
Stats
Member since
01-08-2008
549
Posts
386
Helpful
31
Solutions
08-14-2019
04:44 AM
You need to take into consideration the bandwidth that you are connecting to the site as well as what type of design you are going to use. For example, if you are going to have one router connected to two ISPs and you only have 100 clients, you may not want to use BGP. If you are going to connect redundant routers to a single ISP, then you could use BGP with private AS number between you and the ISP. If you are going to use two routers to two different ISPs, then you may want to come up with a different solution for that as well. What is driving the change? The routers that I would be looking at depending on packets per second and bandwidth throughput are the 4300 and 4400 series routers which would range around 150 Mbps up to 5 Gbps throughput. Thanks, Alex
... View more
08-12-2019
01:25 PM
Were you able to get this issue resolved? I am seeing a similar problem.
... View more
Created by
Alex Pfeil
in Cisco ONE Discussions
in Cisco ONE Discussions
08-02-2019
06:57 AM
08-02-2019
06:57 AM
Here is an example on digicert. https://www.digicert.com/csr-creation-cisco-asa-vpn.htm
... View more
Created by
Alex Pfeil
in Wireless Security and Network Management
in Wireless Security and Network Management
08-02-2019
06:53 AM
08-02-2019
06:53 AM
I was looking into Radius profiling on the WLAN controller. I would like to make the recommendation that DHCP should not have to be required in order to do profiling. I understand that DHCP is required to actually profile. However, it would not be necessary to profile a device with a static IP address. Here is some additional logic: If a device that is allowed on the network has a static IP address, that would be ok. If a device that should not be allowed on the network is trying to get on the network with a static IP address, it should still be blocked by ISE. Is there any reason for this requirement that is not obvious which would make it 100% necessary? Thank you, Alex
... View more
Created by
Alex Pfeil
in VPN and AnyConnect
in VPN and AnyConnect
07-24-2019
05:53 AM
07-24-2019
05:53 AM
I verified this on my client and it works great! Thank you!
... View more
Created by
Alex Pfeil
in VPN and AnyConnect
in VPN and AnyConnect
07-24-2019
05:51 AM
07-24-2019
05:51 AM
Other CLI options: ipconfig will tell you whether or not a device is connected to VPN. You would need to know the IP address to look for. route print will let you know if the device is connected to VPN because the routing table will be modified to send some traffic into your VPN. Thanks, Alex
... View more
07-10-2019
02:05 PM
Did you delete the new IOS from flash? Verify that the old IOS is booting? Just making sure.
... View more
07-10-2019
11:33 AM
You can do it from the 1111 SSH CLI. You can do it by AP or all of them per below example. >config ap led-state disable all
... View more
07-10-2019
10:23 AM
This could be a bug, but I did not find one. I would try downgrading the switch to the next version below.
... View more
07-10-2019
10:16 AM
Is it possible to turn off the status lights on wireless access points that are connected to the 1111 WLAN controller? I was looking for the option, but I do not see it listed. Thanks, Alex
... View more
Labels:
05-31-2019
05:41 AM
Here is a link to a document showing the configuration. https://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/ha_active_standby.pdf Here is a configuration example. Primary - ASA failover failover lan unit primary failover lan interface Failover Ethernet1/8 failover link Failover Ethernet1/8 failover interface ip Failover 192.168.1.1 255.255.255.252 standby 192.168.1.2 Secondary - ASA failover failover lan unit secondary failover lan interface Failover Ethernet1/8 failover link Failover Ethernet1/8 failover interface ip Failover 192.168.1.1 255.255.255.252 standby 192.168.1.2 Can you provide your configuration?
... View more
05-22-2019
01:06 PM
I currently use FlexConnect to have one SSID local and another SSID centrally switched. This is FlexConnect. FlexConnect Split-tunneling would be having one SSID with some of the traffic centrally switched and some of the traffic switched locally. If you are already doing this, then you are doing FlexConnect Split-tunneling. Please mark helpful posts.
... View more
05-22-2019
03:57 AM
FlexConnect is used to allow an SSID to be locally switched instead of tunneled back to the WLAN controller. It is also possible to have some SSIDs locally switched, while having other SSIDs tunneled back to the controller. The purpose of a split-tunnel would be to have some traffic locally switched, while having other traffic tunneled back to the controller. The idea is to save bandwidth by keeping local traffic, local. Here is a good reference on the forum. https://community.cisco.com/t5/forums/replypage/board-id/5956-discussions-getting-started-wireles/message-id/109117
... View more
05-21-2019
05:45 AM
I agree with the above post. The server will fail to local if the AAA server is not reachable. Examples are, the server is down or an ACL is blocking the request.
... View more
08-14-2019
You need to take into consideration the bandwidth that you are
connecting to the site as well as wha...
Created by
Alex Pfeil
in Cisco ONE Discussions
08-02-2019
08-02-2019
Here is an example on digicert.
https://www.digicert.com/csr-creation-cisco-asa-vpn.htm
Created by
Alex Pfeil
in Wireless Security and Network Management
08-02-2019
08-02-2019
I was looking into Radius profiling on the WLAN controller. I would like
to make the recommendation ...
Created by
Alex Pfeil
in VPN and AnyConnect
07-24-2019
07-24-2019
I verified this on my client and it works great!Thank you!
Created by
Alex Pfeil
in VPN and AnyConnect
07-24-2019
07-24-2019
Other CLI options:ipconfig will tell you whether or not a device is
connected to VPN. You would need...
Created by
Alex Pfeil
in Switching
07-10-2019
07-10-2019
Did you delete the new IOS from flash? Verify that the old IOS is
booting? Just making sure.
07-10-2019
You can do it from the 1111 SSH CLI. You can do it by AP or all of them
per below example.>config ap...
Created by
Alex Pfeil
in Switching
07-10-2019
07-10-2019
This could be a bug, but I did not find one. I would try downgrading the
switch to the next version ...
07-10-2019
Is it possible to turn off the status lights on wireless access points
that are connected to the 111...
05-31-2019
Here is a link to a document showing the
configuration.https://www.cisco.com/c/en/us/td/docs/securit...
05-29-2019
We have OTV setup between two Data Centers. The initial setup included
some OTV VLANs and some Non-O...
05-22-2019
I currently use FlexConnect to have one SSID local and another SSID
centrally switched. This is Flex...
Public Statistics
| Date Registered | 01-08-2008 12:55 PM |
| Date Last Visited | 08-21-2019 12:28 AM |
| Total Messages Posted | 549 |
| Total Helpful Votes Received | 386 |
Helpful Votes Given To
| User | Helpful Count |
|---|---|
| 10 | |
| 80 | |
| 20 | |
| 5 | |
| 25 |
.jpg "Hall of Fame Expert"){kind=icon}
.jpg "VIP Engager"){kind=icon}
Helpful Votes From
