Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
In an effort to avoid some looping MAB authentications, which I need to have do at least two authentications, I have created a custom endpoint boolean attribute that I assign "True" or "False" to and match against in multiple MAB Authorization Polici...
We have a a multigiabit core network across 6500s. We have numerous distribution routers that are each connected to two core routers at physically diverse locations. Each DR router connects via a single connection to many access-layer routers. All...
I have tried using anomalous behavior detection and it is pretty much useless. While it was on, I spoofed a MAC address of an active online endpoint and ISE just updated it's database entry for that endpoint to be the info of the new spoofed MAC add...
Too bad a custom attribute cannot be updated. Then ISE should not allow me the option to configure that under the Advanced Attribute Settings in the authorization profile. Is there some other way to set a flag for a device that I can test for in an ...
Thanks for the reply. Unfortunately, changing the delay will not make any difference. The Feasible distance is already higher on on the Core-DR-Core redundant uplinks. Our core is redundant enough with multiple, physically diverse paths and redund...
Thanks for the reply. The EIGRP stub option works well for the access layer routers, but not for the distribution layer routers. This network is too dynamic and has way too many routes at the access layer routers that must be advertised to the enter...
