collapse

Search


User Info

 
 
Welcome, Guest. Please login or register.
Did you miss your activation email?

Recent Posts

Pages: 1 ... 6 7 [8] 9 10
71
Other / Re: Stopping unneeded PNP / APIC-EM Services on Prime Infra 3.4
« Last post by dpsharma on July 08, 2018, 10:38:51 AM »
So far, I have done following and let us hope this will get rid of these unwanted alarms:

1. Administration / Dashboards / Job Dashboard. Go under System Jobs, APIC-EM Integration, selected the APIC-EM Site sync, and then clicked on pause series to suspend the schedule.  Did a application service NCS stop and start and this service remains suspended.

2. At the same place, under system Jobs, Infrastructure, selected last service of Post PNP image upgrade and paused / suspended the service.

3. Administration / System settings / Network and Devices, Unified AP reachability and chose to disable it.

Need to wait to see if any more services fire up alarms.

Thanks
72
Other / Re: Stopping unneeded PNP / APIC-EM Services on Prime Infra 3.4
« Last post by dpsharma on July 08, 2018, 09:52:14 AM »
I came across another thread on similar situation and I have posted more details in there.

You are not allowed to view links. Register or Login

Thanks
73
Other / Re: Stopping unneeded PNP / APIC-EM Services on Prime Infra 3.4
« Last post by dpsharma on July 08, 2018, 07:45:35 AM »
I have attached a screenshot of the these services failure alarm. Need advise as to how to suppress these permanently, until needed.

Thanks
74
Other / Stopping unneeded PNP / APIC-EM Services on Prime Infra 3.4
« Last post by dpsharma on July 07, 2018, 07:33:15 PM »
Hello,

On a new out of the box Prime UC appliance, running latest 3.4, nothing configured other than initial wizard for networking portion of it, I get two major alarms complaining of Wireless PNP services for Mobility Express and APIC-EM failing to start at scheduled time. There is no need for these services in the environment that we are going to install it. It only has existing network switches to monitor, do configuration management / backups and deploy some CLI templates for common changes (like change password every so often) and firmware updates.

What can be done to stop these and many other unwanted wireless related services, and to not be alerted for such major alarms.

Thanks
75
Wireless / Cisco WLC Guest Wireess Splash Page on Andriod Devices
« Last post by mfahadsid on July 06, 2018, 10:28:40 AM »
Hi,
We are having issues with our Guest Wireless Splash page on some Android devices, our WLC is set to redirect devices on http://1.1.1.1, Multiple blogs suggested to change the Virtual IP Address from 1.1.1.1 as this is acquired by cloud flare dns. 

Question is does changing Virtual Interface IP Address requires a reboot of controller?
76
Wireless / Radius/Local EAP Authentication in Single SSID
« Last post by sadiqhuss on July 06, 2018, 12:28:44 AM »
Dear Colleague

I am trying to setup local EAP authetication and Radius in one SSID.

My setup is as follow i want office staff to authneticate through windows NPS/AD using EAP configuresd on NPS (Radius). Also i want guest user to authenticated through local net user on WLC. I have cisco WLC 5508 running 7.6. I configured local EAP WLC  with PEAP profile.
I also configured SSID with AAA pointing to the NPS server and on Local EAP i choose the EAP profile. The problem is both authentication cannot work together. Only staff can successful authenticate but local net user cannot as it trys to authenticate through radius.

But when i disable radius AAA server it autenticate through local net users.

Please assist .

Thanks

Regards
Sadiq 
77
Security / Cisco and Microsoft PKI
« Last post by Exonix on June 28, 2018, 07:00:05 AM »
Hi,
I'm trying to implement a S2S VPN IKEv2 between Cisco ASA 5510 and ISR 886VA.
This VPN will use the certificates which are issued by Microsoft CA 2012 R2.
I found a very You are not allowed to view links. Register or Login how to configure NDES enrollment with Microsoft CA 2008 R2, but it seems doesn't work with 2012 R2. I have stopped on the step "checking the certificate" (5:30). I don't receive requested certificate. Moreover I don't see any requests on Microsoft CA. Although I got the root certificate.
Could you please help me?
Thank you in advance!

Code: You are not allowed to view links. Register or Login
#crypto  pki enroll DC1-Domain-CA
%
% Start certificate enrollment ..
% Create a challenge password. You will need to verbally provide this
   password to the CA Administrator in order to revoke your certificate.
   For security reasons your password will not be saved in the configuration.
   Please make a note of it.

Password:
Re-enter password:

% The subject name in the certificate will include: cn=886VA.domain.domain.local,ou=IT,O=domain,ST=city,C=DE
% The subject name in the certificate will include: 886VA.domain.domain.local
% Include the router serial number in the subject name? [yes/no]: no
% Include an IP address in the subject name? [no]:
Request certificate from CA? [yes/no]: yes
% Certificate request sent to Certificate Authority
% The 'show crypto pki certificate verbose DC1-domain-CA' commandwill show the fingerprint.

Code: You are not allowed to view links. Register or Login
do sh cry pki cert
CA Certificate
  Status: Available
  Certificate Serial Number (hex): 47639D3E1676D78342B92E1556CD708F
  Certificate Usage: Signature
  Issuer:
    cn=dc1.DOMAIN.DOMAIN.LOCAL
    dc=DOMAIN
    dc=DOMAIN
    dc=LOCAL
  Subject:
    cn=dc1.DOMAIN.DOMAIN.LOCAL
    dc=DOMAIN
    dc=DOMAIN
    dc=LOCAL
  Validity Date:
    start date: 18:21:20 UTC Dec 27 2015
    end   date: 18:31:20 UTC Dec 27 2020
  Associated Trustpoints: DC1-DOMAIN-CA

Code: You are not allowed to view links. Register or Login
do sh ver
Cisco IOS Software, C800 Software (C800-UNIVERSALK9-M), Version 15.3(3)M6, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2015 by Cisco Systems, Inc.
Compiled Tue 04-Aug-15 05:50 by prod_rel_team

ROM: System Bootstrap, Version 15.4(1r)T1, RELEASE SOFTWARE (fc1)
78
Routing and Switching / Re: Cisco 3750 !!! WARNING: The switch is not usable !!!
« Last post by pinyowit on June 24, 2018, 07:46:41 PM »

Thank you for this answer.
79
Security / Avaya 802.1x Deployment
« Last post by robalvarado on June 05, 2018, 12:56:43 PM »
Hello Experts!

Has anyone had experience deploying dot1x to Avaya phones using Cisco ISE?  I have tried with horrible results...

I've opened tickets with Avaya and they insist EAP-TLS has been enabled on the client side however each time I look a the radius logs the client sends an EAP-NAK and doesnt' even want to acknowledge the EAP exchange. 

So my hope is that someone here has had experience and if they could share that knowledge for the greater good :)

Warm Regards,
-Rob
80
Security / Re: EAP Chaining
« Last post by MC on May 10, 2018, 09:44:35 PM »
Absolutely, AnyConnect NAM allows two different type of credential for user and machine. You just need to configure it accordingly with the profile editor.
Pages: 1 ... 6 7 [8] 9 10
SimplePortal 2.3.7 © 2008-2024, SimplePortal