Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi, I have noted recently that ISE allows to create two overlapped NAD objects in terms of IP. Does anyone have an idea how the matching process looks like then? In our company /24 object had preference causing issues. I am wondering if this is anywh...
Hey All, It seems Cisco made decision to go with FTD as only image for NGFW. Is anyone here who alrady implemented FTD across company (not pilot, not single firwall) ?
Hi, Actually our problem started when we had "IP range" object containing two IPs "80.80.80.8-9/32". It had been never matched despite the there were only one overlapped "80.80.80.0/24" IP address object. Then i asked this question why longer matche...
OK. I think concept is as follow.Lets assume there are 4 NAD objects as follow:TEST.IP1 = 80.80.80.0/24 (Type IP address)TEST.IP2 = 80.80.80.30/32 (Type IP address)TEST.IP3 = 80.80.80.16/32 (Type IP address)TEST.IP4 = 80.80.80.8-9/32 (Type IP range)M...
Hi All, I can confirm. The same issue on 2.4 Patch10. After opening case at Cisco TAC they confirm the problem: CSCvs05437: ISE 2.4p10 Conditional CoA ignored due to duplicate CoA upon EndPoint Identity Group change:https://bst.cloudapps.cisco.com/bu...
Hey Pablo, Thanks for answer.What about VPN functionalities. Both S2S VPN and AnyConnect Remote Access (group polices, Dynamic Access Polices, XML profiles)?
