Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello,I had an 2960x access stack go down in the middle of the night (of course). On the 9500 core, I found the following logs:015356: Jun 18 2021 03:15:24.087 CDT: %SPANTREE-2-UNBLOCK_CONSIST_PORT: Unblocking Port-channel1 on VLAN0400. Port consiste...
Hello,
I was just looking into setting up the TID feature on Firepower management center. I have most of it configured, but my SFR modules are not showing up as "Elements" under the Intelligence tab. I have Access policies running on all of my module...
Hello,I am implementing an 802.1x environment using Cisco NAM for user+machine auth. I am using "Connect before Logon". When I put in my credentials and press enter I can immediately see the connection attempt in the ISE RADIUS logs, but it is only p...
Hello,I am working on implementing user+machine auth via AnyConnect NAM and ISE 2.3. Everything is pretty much working, except I would like to hide the NAM connection that pops up on login when a user logs in. I think seeing that pop up will scare so...
Hello,
Sorry that this has been asked a dozen times or more, but I can not find anything current that directly answers the question.
I am trying to authenticate users based on both AD user group and machine name or group using ISE 2.3. Machines are...
I think my main question at this point is why would BPDU guard be shutting down these ports if it is not enabled? Is there something that would be putting BPDU guard on every port? Here is the ports on the C9500 side:interface Port-channel1
descrip...
Sorry for the confusion, this is a production stack, so I cant leave it it in an errored state. The stack is currently running off of 1/0/49 its just not in the group channel.
Here is a section of the log from when I was working on it yesterday. Unfortunately, I do not have the logs from the first time it happened. Currently the stack is having to be run off a single uplink. Any attempt to put it into a port-channel causes...
Hello everyone,I apologize for lack of response. I was going through the configs and found what I thought was some config mismatch. I put the port channel memberships on the ports and I lost connectivity to the switch stack. version 15.2
no service p...
You guys are brilliant! I created a new DACL allowing only authentication access to AD and set a policy to allow "user failed and machine passed". I could see that the computer would get that policy at login screen. Logging into the computer, the NAM...
