Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,I have a site in DNAc for which I have created and assigned a network profile for DayN provisioning. This site, however, has multiple switch models, 9300-48 and 9300-24. Knowing that I can assign only one profile to a site, how can I have differen...
Has anyone gotten DNS to work over the diagnostic interface on FTD version 6.6.5?Gone through the steps, but FTD will not resolve names configured in policies via the diagnostic interface. I don't want to use the data interfaces as they are isolated ...
Hi,Is there anyone that can point me in the right direction of how to create access policies on FMC based on information from pxGrid, when ISE is using machine-based authentication? From what I learnt, since machine authentication logs the user as ho...
Is there a way to have active/backup vti tunnels to two different Data-Centers without using two active crypto settings? I currently have two crypto setup; one to each DC, two vti tunnels to either DC, IP sla to track the status of the active and EEM...
Can anyone help with a technical reason why hsrp should not be extended across DCs, asides from not recommended by Cisco, Latency and non-optimal reasons?I have OTV across my 2DCs using ASR1ks and a pair of 5ks in the data centers. At the moment I ha...
Worked like a charm. Same site, same profile, different templates with unique characteristics, different tags based on a chosen device identifier.Thanks.
Hi Rob,Your response does not include an answer to if FTD stores the user in its local cache or has to query FMC for every session. This will help understand what happens when FTD loses connectivity to FMC. Please share any relevant documents.
Thanks for your response, Rob.Using the computer ID in the ISE access rule will defeat the ability to log activities based on the user name. I might be limited to using SGT here. What I'm shying from is having to break down the domain computer/authen...
thanks Tim,Does this mean Im limited to PEAP authentication only when using ISE active authentication? Or do you know of any other option?What do you mean by reach out to the FMC team? Through an official Tac case?
