User Info

Welcome, Guest. Please login or register.
Did you miss your activation email?

Recent Posts

Pages: 1 2 3 [4] 5 6 ... 10
Routing and Switching / SDA border node
« Last post by aris on October 05, 2021, 10:47:05 PM »
Hello all,

I was wondering how difficult is to migrate a 9500 border node to a 9600 when the SDA fabric is up and running. Can they run in parallel and once the physical connections are moved to the new switch the old one can be decommitted.

Thank you.
Security / Re: Device Profiling on behalf of Christopher L
« Last post by Administrator on March 31, 2021, 11:04:00 PM »
You can certainly use RADIUS probe only for profiling by not enabling SNMP poll or configure IP helper but ISE may not have enough information to accurately identify the device. Enabling device-sensor will collect CDP/DHCP info unless a filter is configured. Here is more info

You are not allowed to view links. Register or Login
Security / Device Profiling on behalf of Christopher L
« Last post by Administrator on March 31, 2021, 10:59:29 PM »
I am trying to build a Cat3850 as a device sensor and want to use radius only with ISE to both profile and authenticate... is this possible. I don't want CDP, add my ISE through ip helper or enable SNMP... Can ISE be configured without this additional means. I am in a high security area and don't want this integration between the NAD and the ISE
Security / Re: ISE - user does not have access when password expired
« Last post by MC on January 10, 2021, 03:25:08 PM »
Depending on is rules condition is available, you might be able to allow limited AD access when this happens so user can only change password, otherwise, user may need to change password using other OOB method.
Security / Re: FTD Multicast
« Last post by MC on January 10, 2021, 03:22:18 PM »
I am not aware of any limitation and can't see why it wouldn't work. FTD in the cluster should collaborate multicast forwarding although there may be differences depending if you do L2 or L3 load distribution between FTD in cluster.
Security / Re: ISE - user does not have access when password expired
« Last post by samyasa on January 06, 2021, 02:51:30 AM »
what is the mose that you are using in the switch port (closed mode , Open Mode )?
Security / FTD Multicast
« Last post by samyasa on January 06, 2021, 02:48:36 AM »
kindly I need to know how the FTD cluster will handle Multicast traffic?
if we have an example to be flow in the configuration

we have a cluster of 6 modules X 2 9300 chasses

Security / Re: Wired BYOD error
« Last post by JarvisDashiell on December 15, 2020, 02:06:56 AM »
 ;D ;D
Security / EAP Chaining failing on Reauthentication (Port Bounce)
« Last post by yagneshchouhan on August 18, 2020, 01:52:07 PM »
Hello Friends,

I am trying to solve a problem here with EAP Chaining. I have configured Machine authentication via Cert and User Authentication via MSCHAPv2. Created Authorization profiles for Machine and User and then Attached that to respective Policy for Machine Auth and User Auth.

Everything works as expected on the when the computer boots up and join the network for the first time. It hits the right Machine Authentication policy followed by right User Authentication.

Here is the problem, if the port is bounced or if user disconnects and reconnects to the network, Authorization will fail. I am using PACs and not sure why this would happen.

Any suggestions or help folks ??
Security / ISE - user does not have access when password expired
« Last post by mrimmune on February 19, 2020, 01:55:49 AM »
Hello team,
what maybe reason - I mean configuration , for behavior end user does not has access when password expired .. the user did not pay attention on popup in system tray.. only after machine restart gets notification to change password on windows login..
on ISE "enable change password" enabled and also on allowed protocols..

endpoint configuration:
Authentication mode - user or computer authentication
authentication :
method Microsoft PEAP
remember my credentials for this connection each time i'm logged on - UNCHECKED
fallback to unauthorized network access - UNCHECKED

thanks in advance
Pages: 1 2 3 [4] 5 6 ... 10
SimplePortal 2.3.7 © 2008-2024, SimplePortal