About AFlack20

AFlack20 · 10-18-2022

Hi all, Does anyone have any specifics on how to configure a Linux server for DNA to do backups to? We have a fresh RHEL v9 installed with the rsyncd utility running but we keep getting the following message on DNA... Remote server is not supported: ...

AFlack20 · 09-07-2022

From my understanding of FIPS mode on ISE in order for radius to function on the network access device, it must be configured to utilize AES Key Wrapping. From the guides I've found online to configure the key-wrap the following commands are necessar...

AFlack20 · 08-25-2022

I need to test some functionality of FIPS mode and am trying to enable it in a new lab of ISE 3.1 But when I go to admin>system>settings>FIPS Mode>Enabled and try to save I get a error message about needing to use "Default Device Admin" policy in Def...

AFlack20 · 06-22-2022

Two part question here; Customer has a two node ISE deployment (primary and secondary PAN) that need to have FIPS enabled for compliancy reasons. First what are some of the potential issues that could arise from enabling FIPS mode within their prod...

AFlack20 · 06-16-2022

This is a python script I'm making to run against a network switch to check if do1x has been enabled on access ports that aren't in vlan 77 I have a dictionary object that has key's nested with-in key's (don't know the correct term for this). I need ...

AFlack20 · 08-29-2022

Was able to resolve the issue with enabling FIPS. Had to create a new discussion which brought to light an existing known bug. https://bst.cisco.com/bugsearch/bug/CSCvs70863 Posting here for those that might find this discussion in the future.

AFlack20 · 08-29-2022

This was the case I followed the instructions as listed within the workaround and was able to get FIPS enabled. Appears this bug is still affecting versions all the way to ISE 3.1 which i have installed on my lab.

AFlack20 · 07-14-2022

Trying to enable fips in my lab and keep getting the following message. I've tried editing the the allowed protocols in the default device admin and default network access but with no success to getting fips to enable. Can anyone please decrypt the ...

AFlack20 · 06-22-2022

Hey Damien, Really appreciate the response! I do have a couple of follow up questions. What do you mean that LDAP over SSL will be affected? We're in the process of converting the customer to LDAPS from a basic ISE-AD integration, with the impression...

AFlack20 · 01-11-2022

Just to clarify, you're saying that the "maglev" account is the only account that can SSH directly to the CLI?

Member Since	‎10-13-2017 07:40 PM
Date Last Visited	‎11-17-2022 03:50 PM
Posts	69
Total Helpful Votes Received	20

User Statistics

User Activity

DNA Backup server configuration requirements

FIPS Radius Key-Wrap configuration for Switch

Enable FIPS on ISE new lab

Enabling FIPS on ISE & potential impact

Loop to check dictionary object for key

Re: Enabling FIPS on ISE & potential impact

Re: Enable FIPS on ISE new lab

Re: Enabling FIPS on ISE & potential impact

Re: Enabling FIPS on ISE & potential impact

Re: Add SSH username to DNAC