hi , i know how q in q work but i don't understand why i need q in q when we have a leased line installed between two locations. we delivered a solution to one of our customer and the design is to install leased line between multiple office in hub a...
Is there a way to configure EAP-TLS for two dominas on ISE
abc.com and xyz.com
i know that you can do this if you two child domains. but is it possible whit two totally different domains ?
Thanks in advance.
at the moment we have two DC's with the same provider , L2 is spanned between both of them.
recently we have started to experience a lot of problems in the secondary DC , so we decided to move it to a new hosted environment.
what is the consid...
I hope that someone can clarify this to me.
a site to site was configured properly without any problem . A NAT was required to change the source address, the destination is unique to the site(NO NAT) .
the vpn was up but there was no traffic going ...
i hope that someone can help me with this .
im planning to configure a PBR on the core switch to route traffic coming from /24 subnet to a group of subnets the can be summarize 10.128.0.0/9 for traffic on port tcp/5900 only .
the process is s...
thank you nspason, just to clarify something , ISE will not have a problem if it receives usernames from different domain as long as ISE trust the CA responsible for issuing the certificate for each domain.
and i can create two certificate profile fo...
does it perform the next-hop even if there was no valid route for the required traffic in the routing table ? if yes , this is exactly what i need .
i dont need the routing table to be involved in the decision .
Thank you for your replay.
- to be clear , can i replace the WSA with the firepower ? when we say cashing, is it the web cashing we are talking about and will the windows browsers do this job ? -
I thought about this solution but there is one problem with it. the COA does not allow you to resend a new authorization profile with different result. can i push a msg for users as part of the authorization profile? ex: non complaint devices --> den...
I Captured the traffic using wireshark and i noticed that the anyconnect agent is trying to get to enroll.cisco.com. so i added it to host file on windows to point to an ip address (within the split tunnel range) and it work. the workaround was to pu...