Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
One of our clients deployed an ASAv in their Azure environment. I was informed they want to setup a S2S tunnel from it to their physical ASA at their HQ. I haven't been able to find anything on configuring the S2S tunnel on the ASAv side. Accordin...
I have a client that is looking to segment their network. They were initially thinking either ACL's on their switches or using a FW. However, after talking to them about ISE and TrustSec, they are interested in that solution. The client is an inte...
So I am working on setting up PBR on FTD and am following this video:
https://www.youtube.com/watch?v=lakHhw9CR5Y
It seems pretty straight forward as I have done this before on ASA's. My question is, is when I deploy the FlexConfig policy, what ki...
I am working on configuring ISE for my client's guest wireless. They only want to allow certain devices (i.e. laptops, tablets, phones) and not streaming/gaming devices. With that being the case, I have profiling running to detect what type of devi...
If you install patch 2 for ISE 2.3, that will resolve the issue of not being able to view the Context Visibility page. I ran into the same issue and patch 2 fixed the problem.
Paul,I tried do what you suggested. However, some devices, like Android and IOS have to be able to reach the WebAuth page to be profiled correctly. Android and IOS use the HTTP probe to be profiled with ISE. -Dan
Thanks for the reply.
The goal is to only allow certain devices like laptops, tablets, phone, etc, but no streaming/gaming/printer devices. The way the authz policy is configured, is that all devices can connect to the hotspot splash page. Howev...
So you are saying that even with DNS inspection enabled that I should be able to reach internal DNS servers from the DMZ? I was getting this error when testing:
inspect-dns-invalid-pak
Only fix I could find was to disable DNS inspection.
