Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi, Right, but here goes: My scenario is that the firm I am working with have already bought machine certs, but at the same time ideally want to deploy differentiated dot1x access based on user attributes. They do not seem willing to buy user certs,...
Hi,I am by no means an SD-WAN expert, but I have been asked to investigate if Cisco have a product which is able to perform routing based on the domain that the packet is destined towards. I have had a quick look and it seems that the only way of acc...
Hi, We are setting up a DNA solution (Full Sd-Access) using Cat9300s as fabric endpoints, and inside the quote there are the following 2 items: CAT-DNA-P-ADD-3YC9300-DNA-P-48-3Y The supplier claims both these licenses are required, but it strikes me ...
Hi, Does anyone have any idea how to configure Anyconnect to obtain a static ip address when using an MFA app like Azure MFA. At the moment I have an ASA pointed towards a Microsoft NPS server with the Azure MFA extension. I have configured each use...
Hi,
I am looking at configuring an ISE server as a radius server.
I need to be able to match on internal users and allocate them to a specific authorization profile as some of the attributes are user-specific (static ip address, static routes) a...
Hi Joseph,
thanks for this -- It has been a very useful sanity check. I need to remember only to count either ingress, or egress traffic, not both.
Very helpful.
Best wishes
Mike
Hi both,
Thank you for rapid response - I was under the impression that by applying the e-delivered TAm license, it would apply control/protection and AMP.
The odd thing is - I raised a TAC yesterday, and received a new Control/Protection license, w...
Hi Leo,
Thanks for replying - I am still looking at this.
I am due a meeting later with the guys who support the clients, I plan to push strongly for a client update. In the meantime I have attached a debug of a client I see disassociating all the t...
Hi,
After a few hours troubleshooting, we realized it was because this image enforces the rfc 2396, and our webpage testers were using illegal characters, specifically the '+' symbol, and the '^' symbol. The ACE was filtering these out causing the ...
