I have 2 ISR 4431 configured to establish an L2TP tunnel over ipsec through my internal network. The aim is to stretch a vlan so it is accessible from a remote location. Here is the topology
Client (2.2.2.9/24) -- (2.2.2.2/24)router(3.3.3.1/24) --...
I have need to present a given single vlan on two C9300 switches separated by a layer 3 network. The presentation should be bidirectional and transparent. What would be the best kind of vpn setup to use?
We have a chicken & egg situation where ISE requires a user's login and the presence of a user cert from AD before the user can be permitted to connect to the corporate wifi. But the user needs to connect to wifi to get the cert.
One solution i have ...
On a C9300 switch, is there a limit to how many interfaces can be spanned to one port? For example, say i had a layer 3 network of 10 switches all spanning to a single port on one C9300 - is there a practical limit?
When starting the WLAN wizard on a 9800 controller, the type 'local mode' includes Dot1x auth. But the type 'flex connect' does not. The environment i am migrating from includes a WLAN which uses dot1x for auth and flex connect to have each AP use a ...
When the c9300 first came out, i was disappointed to learn that a firmware update takes down the whole stack. Other vendors do individual updates of stack members, whilst keeping the stack alive, with ease. I had hoped that there would be a reliable ...
Indeed the machine cert is available. However the customer is requiring that an individual user cert be present before a client can be permitted to connect to the corporate wifi proper.
I have erspan configured on a 9300 monitoring a number of vlans local to the switch. I found that when the destination IP the ERSPAN sends to became unavailable, the switch stopped passing traffic on the source vlans. Big impact.
