About PAUL TRIVINO

PAUL TRIVINO · 07-29-2016

I have a couple questions about route tagging. I don't currently use it but it may help with some issues. As I understand it: BGP tags routes "automagically" with the AS numberEIGRP does not tag routes unless explicitly told toOSPF does not tag rou...

ISE Map IP->User without CDA? · 03-23-2015

I have been investigating using CDA to get IP->User mapping, to allow us to write User/Group rules on the ASA firewalls. My server engineers do not want to apply the patches and especially the registry changes on our domains controllers. We were als...

PAUL TRIVINO · 12-18-2014

I have been tasked with getting so that our ASA rules have visibility to what user is hitting a rule (not necessarily to enforce rules that way, yet). I am not sure where to even start this process.I see the "Identity Options" policiy in CSM, which ...

PAUL TRIVINO · 03-13-2014

We are trying to restructure our edge network. The ASA with NATs is currently on a natural /24, as is its upstream router. We are trying to change the ASA and router to reside on a /28 that is part of the existing /24. In so doing we have added ro...

PAUL TRIVINO · 10-01-2013

We have a few APs - CAP3502 and LAP1242s for the most part - whose H-REAP "Native Vlan" doesn't match the switchport's native vlan. It appears that the switchport native vlan is what gets used for the AP for DHCP (it gets an AP IP address from that ...

PAUL TRIVINO · 02-25-2015

This appears to be still true in CSM 4.7.0 but the answer appears to still work, too. Thanks.

PAUL TRIVINO · 12-19-2014

Excellent, thanks.

PAUL TRIVINO · 12-19-2014

Karsten, one thing we'll want is to test first, of course - do you happen to know if I can then specify "Any" for User/Group in a rule, and have the UserID and/or Group be in the log messages? Thanks again.

PAUL TRIVINO · 12-18-2014

Karsten, thanks. Those look like good links (they *work*, for sure...;^) and will be useful. I'll come back and mark this Correct as soon as I read them.Thanks again.

PAUL TRIVINO · 11-10-2014

Not sure but it happens in CSM 4.4.0SP2 as well. I am hoping it goes away as of 4.7. But, it doesn't seem tremendously harmful, either.

Member Since	‎11-20-2003 08:59 AM
Date Last Visited	‎08-21-2019 12:28 AM
Posts	211
Total Helpful Votes Received	107

User Statistics

User Activity

Route tagging questions - "blank" tag, and tags change?

ISE Map IP->User without CDA?

ASA "AD Integration" - where to start

ASA NAT when not on interface network

What is AP H-REAP Native Vlan used for?

This appears to be still true

Excellent, thanks.

Karsten, one thing we'll want

Karsten, thanks. Those look

Not sure but it happens in