Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi all,I am trying to migrate Checkpoint FW to FMC using the Firepower migration tool.It seems that the Checkpoint configuration has been extracted properly from secure gateways and smart console but I get an error message during the parsing phase an...
Dear community, my customer is experiencing a problem with Windows 10 after the migration from ACS to ISE 2.7, patch 2.Windows 10 Clients (Version 1909) are using a built-in Windows Supplicant to get authentication via 802.1x to the wired and wireles...
Hello,does anybody know if and how it's possible to configure a TLS version on a Lightweight Access Point 2600 (SW 8.3.143.0) when I want to enable an 802.1X Supplicant? I would like to disable TLS1.0 on the Radius server but have not found a way to ...
Hello,
I would like to import a wildcard cert to one of the PSNs in the DMZ that provides guest access. I can import the cert with the private key to the PAN but not to the rest of the ISE nodes as I cannot select a specific node during the import ...
Hi all,
An FlexConnect AP is authenticated via 3650/3850 SW 16.x against ISE 2.3 with multi-host mode and there is the default ACL on the interface allowing only DHCP/DNS traffic before succesfull AuthC/AuhtZ. Is it possible to allow any communicatio...
A Checkpoint gateway 1100 is not supported with the migration tool as it uses a bit different CLI syntax. Some commands are not presented on 1100 which causes an interruption of the migration process.
Hi Greg,thanks for your comment.We do not use wildcard certificates. As mentioned above, the same laptop gets authenticated using PEAP-MSCHAVPv2 with TLS 1.2 to the wired network.I will try to disable TLS 1.2 to see if it helps.
I have found the following bug ID in my mailbox:https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvj86626Removing MAB from the interface is a consequence of the different bugs/issue related to this software with IBNS2.0.Anyway, I would recommend openi...
Thanks for your reply.But as far as I know, these settings are related only to the HTTPS web server running on the WLC.In my scenario, a TLS tunnel is established between the AP 802.1X supplicant and the Radius server.
