We have a chicken & egg situation where ISE requires a user's login and the presence of a user cert from AD before the user can be permitted to connect to the corporate wifi. But the user needs to connect to wifi to get the cert.
One solution i have ...
On a C9300 switch, is there a limit to how many interfaces can be spanned to one port? For example, say i had a layer 3 network of 10 switches all spanning to a single port on one C9300 - is there a practical limit?
When starting the WLAN wizard on a 9800 controller, the type 'local mode' includes Dot1x auth. But the type 'flex connect' does not. The environment i am migrating from includes a WLAN which uses dot1x for auth and flex connect to have each AP use a ...
I'm applying QoS to a 100mb ethernet link on a Cisco 4431 router. Say i have a priority queue (realtime) set to use 10% of available bandwidth; then a critical apps queue set to 30% of remaining bandwidth; then other queues spit up the remaining. R...
What would be your recommended Cisco model to provide 4 x 10gb ethernet routed interfaces? Support for EIGRP, BGP, and QoS is needed. The less SDWAN functionality the better. Dual PSU is also needed.
Indeed the machine cert is available. However the customer is requiring that an individual user cert be present before a client can be permitted to connect to the corporate wifi proper.
I have erspan configured on a 9300 monitoring a number of vlans local to the switch. I found that when the destination IP the ERSPAN sends to became unavailable, the switch stopped passing traffic on the source vlans. Big impact.
The Cisco NCS540 looks like it does what i need. I understand the NCS range replaces Ciscos Metro Ethernet switch range
Cisco Network Convergence System 540 Medium Density Routers Data Sheet - Cisco