Hello everyone, We actually use an ISE (version 3.1) to authenticate endpoints in wifi using a certificate.The configuration is pretty simple but now we want to allow authentication for internal users (created and stored in the ISE) Problem is, the ...
Hi everyone,We have 2 N9K C93180LC-EX with 5 N2K-C2348 FEX attached (dual home).We experienced some issues during the upgrade as we are getting some ports in "inactive" status. We tried to understand where the problems is but we can't figure it out. ...
Dear all,
I'm actually stuck implementing PBR on a N9K.
I have 4 x C93180LC-EX, 1 cluster of 2 in one site, the other cluster of 2 in another site.
Both are connected via vPC, the configurations seems pretty similars.
Both sites have FEX members...
Dear all, I'm writing you regarding a big headache I have with a active/passive ASA 5510 cluster. Both have been updated to their latest version ( 9.1.7 ). Since 4/5 months now, we have complaints from users as their IP phone reboot nearly 5 to 6 tim...
Dear all, As I'm experiencing some CPU-hog on a cluster of ASA5510 (Active/Standby scheme), to fix the problem it is recommended to upgrade the IOS. Both firewall are running on ISO 8.4.(4) - have 1024 MB RAM - and use ASDM 6.4(I know the device and ...
Thanks Arne for the reply. I forgot to mention the fact that before using the Authentication Policy there is a first rule with "Wireless 802.1x" as a condition and as allowed protocol "EAP-TLS". Do I have to create a whole new policy before that one ...
We upgraded from 7.0(3)I7(5) to 7.0(3)I7(10). It seems that no L2 devices should be connected to FEX unless you do a VPC between FEX. Anyway, it seems that we'll have to remove one N9K and put the same configuration as the other one.
Little update, we finally found the cause of the problem.
With Nexus 9300 EX series, you can't do PBR with interfaces on FEX.
Our "next-hop" was on FEX interfaces , that's why it didn't work.
As soon as we changed it and put the next hop on an...
Here is the summary Creating the access-list
N9K# configure terminal
N9K(config)# ip access-list ACL
N9K(config-acl)# permit ip 10.1.1.0 0.0.0.255 11.0.0.0 0.255.255.255
Creating the route-map policy
N9K# configure terminal
N9K(config)#...