|
|
81
« Last post by dpsharma on July 08, 2018, 07:45:35 AM »
I have attached a screenshot of the these services failure alarm. Need advise as to how to suppress these permanently, until needed.
Thanks
82
« Last post by dpsharma on July 07, 2018, 07:33:15 PM »
Hello,
On a new out of the box Prime UC appliance, running latest 3.4, nothing configured other than initial wizard for networking portion of it, I get two major alarms complaining of Wireless PNP services for Mobility Express and APIC-EM failing to start at scheduled time. There is no need for these services in the environment that we are going to install it. It only has existing network switches to monitor, do configuration management / backups and deploy some CLI templates for common changes (like change password every so often) and firmware updates.
What can be done to stop these and many other unwanted wireless related services, and to not be alerted for such major alarms.
Thanks
83
« Last post by mfahadsid on July 06, 2018, 10:28:40 AM »
Hi,
We are having issues with our Guest Wireless Splash page on some Android devices, our WLC is set to redirect devices on http://1.1.1.1, Multiple blogs suggested to change the Virtual IP Address from 1.1.1.1 as this is acquired by cloud flare dns.
Question is does changing Virtual Interface IP Address requires a reboot of controller?
84
« Last post by sadiqhuss on July 06, 2018, 12:28:44 AM »
Dear Colleague
I am trying to setup local EAP authetication and Radius in one SSID.
My setup is as follow i want office staff to authneticate through windows NPS/AD using EAP configuresd on NPS (Radius). Also i want guest user to authenticated through local net user on WLC. I have cisco WLC 5508 running 7.6. I configured local EAP WLC with PEAP profile.
I also configured SSID with AAA pointing to the NPS server and on Local EAP i choose the EAP profile. The problem is both authentication cannot work together. Only staff can successful authenticate but local net user cannot as it trys to authenticate through radius.
But when i disable radius AAA server it autenticate through local net users.
Please assist .
Thanks
Regards
Sadiq
85
« Last post by Exonix on June 28, 2018, 07:00:05 AM »
Hi, I'm trying to implement a S2S VPN IKEv2 between Cisco ASA 5510 and ISR 886VA. This VPN will use the certificates which are issued by Microsoft CA 2012 R2. I found a very You are not allowed to view links.
Register or Login how to configure NDES enrollment with Microsoft CA 2008 R2, but it seems doesn't work with 2012 R2. I have stopped on the step "checking the certificate" (5:30). I don't receive requested certificate. Moreover I don't see any requests on Microsoft CA. Although I got the root certificate. Could you please help me? Thank you in advance! #crypto pki enroll DC1-Domain-CA
%
% Start certificate enrollment ..
% Create a challenge password. You will need to verbally provide this
password to the CA Administrator in order to revoke your certificate.
For security reasons your password will not be saved in the configuration.
Please make a note of it.
Password:
Re-enter password:
% The subject name in the certificate will include: cn=886VA.domain.domain.local,ou=IT,O=domain,ST=city,C=DE
% The subject name in the certificate will include: 886VA.domain.domain.local
% Include the router serial number in the subject name? [yes/no]: no
% Include an IP address in the subject name? [no]:
Request certificate from CA? [yes/no]: yes
% Certificate request sent to Certificate Authority
% The 'show crypto pki certificate verbose DC1-domain-CA' commandwill show the fingerprint.do sh cry pki cert
CA Certificate
Status: Available
Certificate Serial Number (hex): 47639D3E1676D78342B92E1556CD708F
Certificate Usage: Signature
Issuer:
cn=dc1.DOMAIN.DOMAIN.LOCAL
dc=DOMAIN
dc=DOMAIN
dc=LOCAL
Subject:
cn=dc1.DOMAIN.DOMAIN.LOCAL
dc=DOMAIN
dc=DOMAIN
dc=LOCAL
Validity Date:
start date: 18:21:20 UTC Dec 27 2015
end date: 18:31:20 UTC Dec 27 2020
Associated Trustpoints: DC1-DOMAIN-CAdo sh ver
Cisco IOS Software, C800 Software (C800-UNIVERSALK9-M), Version 15.3(3)M6, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2015 by Cisco Systems, Inc.
Compiled Tue 04-Aug-15 05:50 by prod_rel_team
ROM: System Bootstrap, Version 15.4(1r)T1, RELEASE SOFTWARE (fc1)
86
« Last post by pinyowit on June 24, 2018, 07:46:41 PM »
Thank you for this answer.
87
« Last post by robalvarado on June 05, 2018, 12:56:43 PM »
Hello Experts! Has anyone had experience deploying dot1x to Avaya phones using Cisco ISE? I have tried with horrible results... I've opened tickets with Avaya and they insist EAP-TLS has been enabled on the client side however each time I look a the radius logs the client sends an EAP-NAK and doesnt' even want to acknowledge the EAP exchange. So my hope is that someone here has had experience and if they could share that knowledge for the greater good  Warm Regards, -Rob
88
« Last post by MC on May 10, 2018, 09:44:35 PM »
Absolutely, AnyConnect NAM allows two different type of credential for user and machine. You just need to configure it accordingly with the profile editor.
89
« Last post by aris on May 07, 2018, 01:49:56 AM »
Hello,
We are using Anyconnect with EAP Chaining for machine and user authentication but it seems we are hitting bug CSCuc13862 for Win8 and Win10. As we don't want to use the registry workaround the solution would be to use certificates.
As we want to keep Anyconnect, is it possible to use certifacates for machine authentication and credentials for user authentication?
Thank you.
90
« Last post by Kaikagaga on April 19, 2018, 12:23:39 AM »
I think that this question is very good.
|
Recent Posts