About Jozef Cmorej

Jozef Cmorej · 07-13-2021

Hi all,I am trying to migrate Checkpoint FW to FMC using the Firepower migration tool.It seems that the Checkpoint configuration has been extracted properly from secure gateways and smart console but I get an error message during the parsing phase an...

Jozef Cmorej · 12-15-2020

Dear community, my customer is experiencing a problem with Windows 10 after the migration from ACS to ISE 2.7, patch 2.Windows 10 Clients (Version 1909) are using a built-in Windows Supplicant to get authentication via 802.1x to the wired and wireles...

Jozef Cmorej · 05-01-2019

Hello,does anybody know if and how it's possible to configure a TLS version on a Lightweight Access Point 2600 (SW 8.3.143.0) when I want to enable an 802.1X Supplicant? I would like to disable TLS1.0 on the Radius server but have not found a way to ...

Jozef Cmorej · 02-06-2019

Hello, I would like to import a wildcard cert to one of the PSNs in the DMZ that provides guest access. I can import the cert with the private key to the PAN but not to the rest of the ISE nodes as I cannot select a specific node during the import ...

Jozef Cmorej · 12-31-2018

Hi all, An FlexConnect AP is authenticated via 3650/3850 SW 16.x against ISE 2.3 with multi-host mode and there is the default ACL on the interface allowing only DHCP/DNS traffic before succesfull AuthC/AuhtZ. Is it possible to allow any communicatio...

Jozef Cmorej · 09-10-2021

A Checkpoint gateway 1100 is not supported with the migration tool as it uses a bit different CLI syntax. Some commands are not presented on 1100 which causes an interruption of the migration process.

Jozef Cmorej · 12-16-2020

Hi Greg,thanks for your comment.We do not use wildcard certificates. As mentioned above, the same laptop gets authenticated using PEAP-MSCHAVPv2 with TLS 1.2 to the wired network.I will try to disable TLS 1.2 to see if it helps.

Jozef Cmorej · 05-08-2019

ISE 2.3 initially, then 2.4, patch 6

Jozef Cmorej · 05-06-2019

I have found the following bug ID in my mailbox:https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvj86626Removing MAB from the interface is a consequence of the different bugs/issue related to this software with IBNS2.0.Anyway, I would recommend openi...

Jozef Cmorej · 05-02-2019

Thanks for your reply.But as far as I know, these settings are related only to the HTTPS web server running on the WLC.In my scenario, a TLS tunnel is established between the AP 802.1X supplicant and the Radius server.

Member Since	‎07-19-2007 11:06 PM
Date Last Visited	‎09-23-2024 01:12 AM
Posts	33
Total Helpful Votes Received	75

User Statistics

User Activity

FW Migration from Checkpoint R80.40 to FMC 7.0 using Firepower migration tool 2.3.5

ISE 2.7, P2 - Windows 10 (Version 1909) cannot connect to Wireless 802.1X via TLS 1.2

LAP2600 / 802.1X Supplicant / TLS Version

Unable to import a wildcard cert to the PSN

Wired NAC / FlexConnect AP / pre-auth default ACL / dACL permit ip any any

Re: FW Migration from Checkpoint R80.40 to FMC 7.0 using Firepower mig

Re: ISE 2.7, P2 - Windows 10 (Version 1909) cannot connect to Wireless 802.1X via TLS 1.2

Re: ibns 2.0 fuji 16.9.3 mab is being removed from inf template & port during authentication with async .1x & mab authen policy

Re: ibns 2.0 fuji 16.9.3 mab is being removed from inf template & port during authentication with async .1x & mab authen policy

Re: LAP2600 / 802.1X Supplicant / TLS Version