My customer is asking for Port Pairing (NIC Teaming) for Data port. The customer is going to use only one Data Port for to and fro traffic and want to pair P1 and P2 interface.
My question to you is if there is any downside of using port ...
My customer got WSA S695 appliances and want to connect to 10G. In Datasheet and hardware guide I don't see P1 and P2 interfaces can be replaced with 10G port.
Issue: SGT based ACP doesn't work for static IP-SGT.
Scenario: Have FTD managed by FMC (both version 18.104.22.168). FMC is integrated to ISE version 2.4 p11. After successful integration we can see SGT in FMC.
In ISE we have static IP-SGT ...
I am deploying WSA with HTTPS proxy. for that
1. WSA is working as subCA.
2. Root CA is somewhere else
3. Endpoints have root CA cert
Now when WSA sends certificate to endpoint during https proxy, it doesn't send entire c...
we are planning to create policy on the basis of source SGT in FirepowerFMC/FTD deployment. Target code is 22.214.171.124.
Now we are looking for this deployment scale details. Any pointer is appreciated.
I had offline discussion with John Eppich, and understood that access policy in WSA is not possible on the basis of ISE authenticated active user session, it is possible with either SGT or with AD Groups.
it means, deploying DSR feature is not possible without Load Balancer. Correct me if my understanding is wrong!
Now, in scenario where customer doesn't have Load Balance and have 4 ESA appliances, what would be best design so that customer can load...