Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi All,
I have weird issue recently on Cisco ISE and need to seek for some advise. I have deployed the Cisco ISE and switches to adapt the dot1x and mab authentication. however I notice each authorization policy changes will not immediately take effe...
Hi Guys,
Does anyone has experience on the Cisco ISE v2.4 (On prem - virtual) to Cisco ISE v3.x on AWS? Existing ISE is configured to be 802.1x authentication both wired and wireless. Is there migration tool/steps possible or it has to be new setup a...
Hi All, Would like some configuration guide on the attached setup for the cisco asa anyconnect behind another firewall. The perimeter firewall will have public IP address natted to the cisco asa interface (using private ip address). However, in this ...
Hi All,
Could anyone advise on the configuration of the port range port forwarding for the cisco zone based firewall? In face I have the sip trunk that required the range of port forwarding (16000-16511) to internal pabx system.
Many thanks.
Hi Guys,
Anyone experience before connecting both the Cisco 3750x and Cisco 3850 via SFP module? I assume it shld be plug and play without any futher configuration on the interface, in fact the interface is performed no shut already but show down st...
Hi Thomas,
Understand that, i dont expect it to be in realtime but the fact is it should update in certain intervals like what you said reauthentication (switch setting or Authz profile), but isnt it the CoA also will be doing this as well to initial...
Hi Marvin,
Always appreciate your prompt advise.
Yea that is what I think too. Backup restore will be more direct when come to migration. Let me sum up:
1) Backup existing data and operation config, cert and keys from PAN (No deregister is requ...
Hi Marvin,
Well noted. As second opinion, do you think I should use the backup restore method or I should just setup from scratches, meaning build the new v3.3 and configure wireless with 802.1x. Which one to be more seemless looking at the short win...
Hi Marvin,
Basically we have 2 full ise node in the environment, running active and passive. For the staging system, do we need to have 2 full ise node v3.0 as well?Do we need to de-register the existing secondary node and do the backup of primary?
T...
Appreciate the reply.
Will try out the approach above mentioned. How about your experience on any of the Cisco ISE cluster on AWS? I saw some aws cloud transformation (CF) to automate the 2 node across 2 availability zones with other components, to t...
