About David Rollins

David Rollins · 08-26-2025

I'm working on ISE 3.3 in an Air-gapped environment. I've recently successfully configured ISE and the switch for 802.1x, RADSEC and am now working on Dynamic VLAN assignment. The Printer currently sits in an routed VLAN (with NO DHCP), that I eventu...

David Rollins · 09-19-2024

Does Firepower have the ability to setup and filter on policies that are based on words, numbers, etc...? Not content restriction or URL filtering. But a dirty word search and filter.

David Rollins · 04-16-2024

I'm involved in the following setup illustrated below. I am Site 4. I have a SIP trunk via the CUBE to Site 1. Calls route between Site 4 and Site 1 with no problem. Is it possible to use Site 1 CUCM, to route calls from Site 4 to Sites 3 or 2? Is it...

David Rollins · 03-01-2024

Firepower FTD CPU 07 spiked to 100% earlier today. And it corresponds to the same time there was a spike on snort03. Snort-busy Frame drops - Snort busy started averaging 100 drops/sec.Is there a way for me to identify what traffic may have started t...

David Rollins · 02-23-2024

I have configured a rule in the Default NAC that is supposed to block a Layer 7 protocol application. When I analyze hit counts, it shows the rule has been matched. And when I analyze connection events, the traffic is showing as dropped. This is the ...

David Rollins · 08-27-2025

I am using open authentication/low impact. I did get it to work though. @Dustin Anderson the mac address logical profile solution still would not work. It didn't work until 1.) I fixed the default gateway in the DHCP offer 2.) Allowed NMAP scan of th...

David Rollins · 08-27-2025

I'm re-testing today. I used the Logical Profile and tested it on the workstations. During initial authentication, it wouldn't profile it. But, on the next re-authentication it would. So I changed the default authentication policy to re-authenticate ...

David Rollins · 08-26-2025

1 If the printer is starting on a vlan with no DHCP, how is ISE getting DHCP for profiling? Did you add a helper on the vlan to send it to ISE? There is a helper on the SVI, switch device classifier and device-sensor filters2 You created a profile ca...

David Rollins · 01-29-2025

I have in fact, verified this process works. I will say, make sure you rename the packages.conf in flash on all Stack members. And I just renamed the existing packages.conf to packages.conf.old.When the switches were reloaded, "sh install summ" showe...

David Rollins · 01-27-2025

4 years later and still providing. Thanks @Bucky

Member Since	‎01-09-2014 07:45 AM
Date Last Visited	‎12-08-2025 02:30 PM
Posts	43
Total Helpful Votes Received	27

User Statistics

User Activity

ISE 3.3 Endpoint Profile assignment based on DHCP ID

Firepower PII/PHI Word Filter

Can CUCM be used to route calls between different sites?

Firepower FTD high CPU

FTD NAC L2 Block not working

Re: ISE 3.3 Endpoint Profile assignment based on DHCP ID

Re: ISE 3.3 Endpoint Profile assignment based on DHCP ID

Re: ISE 3.3 Endpoint Profile assignment based on DHCP ID

Re: Upgrade IOS-XE image pending Reboot.

Re: Secure file transfer with SCP