About stamperbrian

stamperbrian · 02-22-2023

Trying to get this setup and it appears to be successful when I setup the DC's and configure them. This is for FMC in the background to identify users/devices. However, in the dashboard the provider always shows down. After a lot of research it ap...

stamperbrian · 08-01-2022

I have a S2S VPN between two locations. Recently playing with Veeam and tried to deploy a VMWare backup proxy at the other end and kept getting errors that it couldn't connect to vCenter. Playing with this I find out none of my machines at the remo...

stamperbrian · 05-29-2022

So, as part of my lab I have a site to site vpn tunnel between two sites. One of them is a cloud hosted bare metal ESX server. After adding it to my vCenter I realized I couldn't view the remote consoles of any of the VMs. Looking at the firewall ...

stamperbrian · 01-18-2022

I set out to test this and make it work but am stuck with the client never redirecting. I followed this guide and searched high and low through a number of others as well as looking at ISE configurations on ASA for additional examples.https://www.cis...

stamperbrian · 01-02-2022

Doing a bunch of testing with FMC/FTD and came across this article talking about inspection of packets that pass before traffic is identified. I'm testing this with ftp. My policy is very simple (picture attached). The traffic in question will hit...

stamperbrian · 02-22-2023

This was it. I had already deployed the agents but hadn't added the DCs using the agents! Story of my life. One step short of my goal Thank you so much!

stamperbrian · 01-19-2022

In addition since this is in lab and I've done a lot with the FTD in use I built a new one, followed the FTD portion of the guide I put in the first post and again, same issue. I hit the right ISE policy, get the redirect url. On the client can pin...

stamperbrian · 01-19-2022

I've tried the ACL redirect a couple different ways. Right now its:deny any ISEdeny any DNSpermit any any I've tried it with permit any http as well but doesn't seem to make a difference. With the packet capture I have to wait till the VPN is estab...

stamperbrian · 09-01-2021

I kinda wondered about that. Was just trying to make it so I didn't have to worry about having a PKI environment to do the testing. THanks!!!

stamperbrian · 03-14-2021

I see that its more reactive than proactive with this. It doesn't just probe AD and grab data to populate endpoints. It uses it when it see's new endpoints with mab/dot1x to check and gain more info! THanks much!

Member Since	‎08-16-2017 08:45 AM
Date Last Visited	‎03-01-2023 06:44 AM
Posts	19
Total Helpful Votes Received	26

User Statistics

User Activity

ISE Passive Identity

Can't access https over S2S VPN

Snort rule identification/analysis

Anyconnect ISE Posture redirect

FMC/FTD Inspection before identification

Re: ISE Passive Identity

Re: Anyconnect ISE Posture redirect

Re: Anyconnect ISE Posture redirect

Re: FTD/FMC SSL Decrypt Issue

Re: ISE not pulling endpoints from Active DIrectory