Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hey All, I have seen that you are unable to apply a Crypto-Map to a Tunnel interface or Port-Channel, so I am looking for alternative solutions. I have a single router terminating IKEv2 tunnels with 1 Public / 1 Private Interface. I am looking to f...
I am looking for a way to automate some of my server deployments as we migrate from a legacy environment to ACI. We have a number of servers that need to move and majority of them will be configured as a VPC, but they will also have other individual...
I am trying to setup TACACS on some older Brocade switches running 7.4 OS. I have configured one attribute in the Shell Policy brcd-role=admin and that seems to work. However I need to also add a ChassisRole as well to have all the security attribu...
We are looking to move one of our DataCenters to the AWS cloud. Within this DC we terminate SSL VPNs and posture all of the users as they enter our network. Is anyone aware if the Virtual ASA's from the Amazon store support ISE posturing?Appreciate...
This seems like it should be a no brainer for ISE to handle, but I can't seem to get an answer from Cisco yet.I have added my ASA firewall as a network object in ISE and I have selected the TACACS and RADIUS options within that network object. My fir...
Supposedly the following Syntax works on other TACACS platforms but I have not been able to get the Radius responses to work. Is there anyway to apply this in ISE besides one attribute at a time in the shell policy?
service = exec { ...
Yup, I do have the AAA Server Group for that specific Tunnel-Group set as RADIUS:tunnel-group SSL-NETENG general-attributes authentication-server-group RADIUS authorization-server-group RADIUS accounting-server-group RADIUS
I am running into the same issue, but I cannot seem to get my TACACS config to move down under RADIUS no matter my naming convention. Did you do any other trickery besides adding the Z in front?
