About HansK_NL

HansK_NL · 05-13-2025

We are looking for a way to establish whether or not a SSD is present in a Cat9300 switch, but haven't found a solution, yet. We found a post referring to the possibility to test for a tag assigned to an interface interface.getTag("") and were wonder...

HansK_NL · 11-01-2024

Hi everyone, I need your help and insights on the subject of (specifically) protecting the MAC address of the subnet gateway from being spoofed by an endpoint. We recently received a report pointing out the lack of protection of the gateway MAC addre...

HansK_NL · 09-17-2024

ISE doesn't seem to make use of the latest and greatest table of MAC OUI Vendor strings (again) I have around 100 endpoints profiled as "Unknown", with OUI Attribute "UNKNOWN" for which www.macvendors.com (in most cases) lists a vendor string. e.g. E...

HansK_NL · 04-04-2023

In our DNA Center we have a Day-N template for Interface Templates on Fabric Edge switches. These interface templates are dynamically called from ISE authorisation profiles to tweak interface parameters. Now, when we need to remove or rename an inter...

HansK_NL · 11-14-2022

I'm subscribed to the feed service and receive a weekly update to profiler feed service changes from Cisco. Over the last weeks I noticed there have been no updates at all in this area. (last update was August 6th 2022) The ISE endpoint database list...

HansK_NL · 11-25-2024

Hi Jerome, I've found the presentation you mentioned (BRKENS-3555), it's a very good read.At page 157 the relevant (to me) chapter starts. It seems like I see all the right values for device-tracking on my switches.yet, when I test in a FIAB environm...

HansK_NL · 11-11-2024

Hi Jerome, One thing that is bothering me, has todo with laptops using a dockingstation (USB-C/Thunderbolt connection) and/or connected to a PC port of an IPPhone. When the user connects a laptop, it creates an access-session on the switch. And a reg...

HansK_NL · 11-07-2024

Aha than we have found our culprit, root cause and solution. We have a working DT solution with all features enabled (as is default in SD-A) But we're running IOS-XE 1.7.6.5 on the switches involved in the P&H testing, so theft is detected, but not b...

HansK_NL · 11-07-2024

Oh, IOS-XE 17.6.5 + selected SMU and 17.9.5 + selected SMU

HansK_NL · 11-07-2024

Hi Jerome, I appreciate you answering. The PEN tester was connected to a Fabric Edge and on a regular client port. We're running an SD-A that was first build in 2020 (release DNAC v1.3) We noticed that a lot has changed in DNAC and not all design cha...

Member Since	‎10-11-2019 04:46 AM
Date Last Visited	‎12-08-2025 02:30 PM
Posts	22
Total Helpful Votes Received	5

User Statistics

User Activity

Velocity template testing on device tag

Gateway protection in an DNA Center SD-A environment

ISE v3.3p3 profiles endpoint as "Unknown", based on MAC OUI Vendor

DNA Center Template handling - ignore IOS output

Cisco ISE OUI Database

Re: Gateway protection in an DNA Center SD-A environment

Re: Gateway protection in an DNA Center SD-A environment

Re: Gateway protection in an DNA Center SD-A environment

Re: Gateway protection in an DNA Center SD-A environment

Re: Gateway protection in an DNA Center SD-A environment