Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi All,Does anyone know if the 7937 phone supports EAP-TLS 802.1x with MIC or LSC certs ?I've found in CUCM there is no dot1x configuration options.On the phone it seems to support EAP-MD5 only ?This doco talks about firmware 8.5, 9 etc. http://www....
Hi All,I have a cisco VPN client that needs to connect to remote sites via headoffice. The software vpn client connects to headoffice ok (Cisco 1801). The headoffice router knows how to get to the remote site. The VPN client can get to headoffice ...
can I have an IOS 857w router as root bridge and 1200 series in repeater mode ?I have non cisco wireless clients ? Doco says enabling aironet extensions for repeater mode means non cisco clients don't work well. Is this still the case ?Also i read ...
Hi All,I've got a 1800 series router. Its currently doing VPN on a stick - eg site to site VPN's with remote sites internet tunneled back through main site. I dont have a proxy server at all. Internet is natted by a loopback interface on the 1800 ...
Hi Everyone,Just wondering if there is any problems updating from 7.0(2)4 to 7.2.x on a 515E ?The client doesn't have smartnet, so I assume they will need to order that first before they can download 7.2.Any other technical issues ? I have confirmed...
This is a common requirement.Firstly you need to understand the windows 802.1x built in supplicant doesn't do user and machine authentication simultaneously. It will do machine auth prelogin, and then on login it will do user auth. Never both at ex...
ISE can dynamically assign vlans. It is a common setup to assign specific vlans to specific AD user groups.You just create a auth z policy for each AD group / vlan.On the wireless controller make sure you enable AAA override on the WLAN. I think dy...
Make sure its "called station ID" - not "calling station ID". You mention "Call Station ID" above. Make sure you use conditions not constraints in NPS.Check windows event log for more details.Post a screenshot of your policy if your still stuck.
This is pretty straightforward. Just create a NPS policy for each SSID.A simple policy could check 3 conditions.Windows Groups = DOMAIN\GroupABCCalled Station ID = .*:SSIDNAME$NAS Port ID = Wireless IEEE or Wireless OtherJust change SSIDNAME to whate...
Looks like ACS 5.4 is sharing MAR cache. Hopefully ISE picks up that technology too.http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.4/user/guide/users_id_stores.html#wp1307694Distributed MAR Cache ACS 5.4 supports the M...
