Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- :
- About Alex Pfeil
06-04-2019
Alex Pfeil
Member since
01-08-2008
Contributor
05-31-2019
05:41 AM
Here is a link to a document showing the configuration. https://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/ha_active_standby.pdf Here is a configuration example. Primary - ASA failover failover lan unit primary failover lan interface Failover Ethernet1/8 failover link Failover Ethernet1/8 failover interface ip Failover 192.168.1.1 255.255.255.252 standby 192.168.1.2 Secondary - ASA failover failover lan unit secondary failover lan interface Failover Ethernet1/8 failover link Failover Ethernet1/8 failover interface ip Failover 192.168.1.1 255.255.255.252 standby 192.168.1.2 Can you provide your configuration?
... View more
05-22-2019
01:06 PM
I currently use FlexConnect to have one SSID local and another SSID centrally switched. This is FlexConnect. FlexConnect Split-tunneling would be having one SSID with some of the traffic centrally switched and some of the traffic switched locally. If you are already doing this, then you are doing FlexConnect Split-tunneling. Please mark helpful posts.
... View more
05-22-2019
03:57 AM
FlexConnect is used to allow an SSID to be locally switched instead of tunneled back to the WLAN controller. It is also possible to have some SSIDs locally switched, while having other SSIDs tunneled back to the controller. The purpose of a split-tunnel would be to have some traffic locally switched, while having other traffic tunneled back to the controller. The idea is to save bandwidth by keeping local traffic, local. Here is a good reference on the forum. https://community.cisco.com/t5/forums/replypage/board-id/5956-discussions-getting-started-wireles/message-id/109117
... View more
05-21-2019
05:45 AM
I agree with the above post. The server will fail to local if the AAA server is not reachable. Examples are, the server is down or an ACL is blocking the request.
... View more
Created by
Alex Pfeil
in Policy and Access
in Policy and Access
05-21-2019
05:18 AM
05-21-2019
05:18 AM
That is exactly what I was looking for, thanks!
... View more
Created by
Alex Pfeil
in Security Events
in Security Events
05-20-2019
11:12 AM
05-20-2019
11:12 AM
You are going to have to upgrade the software. The best bet is to place a ticket with TAC, and get them to give you a specific version of software to run. They should be able to suggest the most stable version.
... View more
Created by
Alex Pfeil
in Policy and Access
in Policy and Access
05-14-2019
05:40 AM
05-14-2019
05:40 AM
In my opinion, it would make sense to be able to see a report of every device that is currently using a Plus or APEX license.
... View more
Created by
Alex Pfeil
in Policy and Access
in Policy and Access
05-13-2019
11:08 AM
05-13-2019
11:08 AM
We are running ISE 2.4 patch 5. A few weeks ago, ISE started reporting that we were using over 300 more licenses than we have. Is there a way to see all the devices using a Plus license in ISE?
... View more
Labels:
05-06-2019
05:12 AM
I had converted an LWAPP to an autonomous AP. I was then able to telnet into the AP. I thought the username and password would stay the same, but it resets to the default. I was glad to come across this info. The telnet username and password was Cisco after the conversion. Thanks!
... View more
Created by
Alex Pfeil
in Wireless and Mobility
in Wireless and Mobility
04-25-2019
10:16 AM
04-25-2019
10:16 AM
You could also try to replace one of the working wireless access points to validate that you do not have a cabling issue.
... View more
Created by
Alex Pfeil
in Wireless and Mobility
in Wireless and Mobility
04-25-2019
09:36 AM
04-25-2019
09:36 AM
When you setup FlexConnect, you have to go into each wireless access point and go to the FlexConnect tab. You would then set the VLAN for each SSID that is setup for FlexConnect. Each SSID has to be setup for FlexConnect as well. When you have a FlexConnect AP, it is still possible to have centrally switched SSIDs, so you may have missed the FlexConnect setting in the SSID advanced tab.
... View more
04-25-2019
09:32 AM
As a test to verify that passphrase length was a possible issue, I made the passphrase 1 character longer and verified it was the same on both ends. I waited a few minutes and the tunnel was still in an MM_NO_STATE. I then made the passphrase about 10 characters shorter, and the state went to QM_IDLE almost immediately followed by tunnels up. Thanks for the post!
... View more
04-24-2019
09:54 AM
It is possible that if root guard is incorrectly configured on a down link switch, it could shut down a port that you would want to remain online. I agree that if your 3850 is the main switch, it should be the spanning-tree root and the command suggested by Jaderson is correct. Please rate helpful posts.
... View more
2 weeks ago
Here is a link to a document showing the
configuration.https://www.cisco.com/c/en/us/td/docs/securit...
3 weeks ago
We have OTV setup between two Data Centers. The initial setup included
some OTV VLANs and some Non-O...
4 weeks ago
I currently use FlexConnect to have one SSID local and another SSID
centrally switched. This is Flex...
4 weeks ago
FlexConnect is used to allow an SSID to be locally switched instead of
tunneled back to the WLAN con...
4 weeks ago
I currently have profiling groups to profile devices, say Computers,
Scanners, and Phones. These gro...
Created by
Alex Pfeil
in Identity Services Engine (ISE)
4 weeks ago
4 weeks ago
I will move my comment to a different thread.
Created by
Alex Pfeil
in Identity Services Engine (ISE)
4 weeks ago
4 weeks ago
I am looking at doing Wired MAB with ISE 2.4. In the past for wireless
802.1x, I have allowed ISE to...
4 weeks ago
I agree with the above post. The server will fail to local if the AAA
server is not reachable. Examp...
Created by
Alex Pfeil
in Policy and Access
4 weeks ago
4 weeks ago
That is exactly what I was looking for, thanks!
a month ago
You are going to have to upgrade the software. The best bet is to place
a ticket with TAC, and get t...
Created by
Alex Pfeil
in Policy and Access
05-14-2019 05:40 AM
05-14-2019 05:40 AM
In my opinion, it would make sense to be able to see a report of every
device that is currently usin...
Created by
Alex Pfeil
in Policy and Access
05-13-2019 11:08 AM
05-13-2019 11:08 AM
We are running ISE 2.4 patch 5. A few weeks ago, ISE started reporting
that we were using over 300 m...
Public Statistics
| Date Registered | 01-08-2008 12:55 PM |
| Date Last Visited | 06-04-2019 01:56 AM |
| Total Messages Posted | 539 |
| Total Helpful Votes Received | 376 |
Helpful Votes From
