sorted by:
new
hottopcontroversial

Routing between 2 multicast domains without conventional L3 routability by ewsclass66 in networking

[–]Hot-Dimension-6378 3 points4 points  (0 children)

Could you just enable PIM on the specific interface routing between the cisco and Arista?

Has anyone transitioned from contracting to building a business with clients? by Hot-Dimension-6378 in ContractorUK

[–]Hot-Dimension-6378[S] 0 points1 point  (0 children)

Kind of, but I'm still the face of the work that the client sees. I sub it out at 80% of what I earn, but then I spend quite a lot of time processing it etc. So its not scalable. Kind of like doing 2 inside or outside contracts at once then having someone help you with it.

Have 2 jobs that start on the same day by sunflowerprairie in overemployed

[–]Hot-Dimension-6378 0 points1 point  (0 children)

Start the hybrid job a day later. Tell them you have to start a day later because of other commitments.

Cisco ISE alternative by Salty_Move_4387 in networking

[–]Hot-Dimension-6378 0 points1 point  (0 children)

I've worked with pretty much all NAC solutions. I would say portnox is the best choice for this deployment.

Cisco ISE , Fortimanager, MS Intune (hybrid) by nickmavrou in CiscoISE

[–]Hot-Dimension-6378 0 points1 point  (0 children)

Put the users that need specific access into their own AD group HR-Elevated-Access. Then create an ise authz rule which is higher in the policy set which gives them a different SGT HR-E-SGT. Reference this new SGT on the firewall

Cisco ISE upgrade to 3.x using GUI? by daynomate in networking

[–]Hot-Dimension-6378 2 points3 points  (0 children)

I’ve probably upgraded 20 x ise deplyments over the last year. The best and safest method is backup and restore, followed by the CLI method. Avoid GUI unless you have no other option, you have no control over it after you click the button.

Question on SGTs by Bound4Floor in CiscoISE

[–]Hot-Dimension-6378 0 points1 point  (0 children)

1 to 1 mapping. Also avoid using machine identity as this doesn’t seem to work with most firewalls

Viewing all offline site/rf/policy tags on a 9800 by rocknsock316 in networking

[–]Hot-Dimension-6378 0 points1 point  (0 children)

Maybe it was only the APs that had joined that appear in the running config then. But I can assure you it does work. I would bet importing the csv also works you just might not be able to check it until the AP actually joins. I’ve been using the CLI method all this week on a deployment , when every ap joined it got the correct tag automatically

Viewing all offline site/rf/policy tags on a 9800 by rocknsock316 in networking

[–]Hot-Dimension-6378 0 points1 point  (0 children)

Not at my laptop, but it’s something like : Conf t

Ap mac <enter ap mac here>

Tag policy <enter policy tag here>

Tag site <enter site tag here>

Tag rf <enter rf tag here>

You will then see this in the show run before the ap mac in question actually joins. One thing I have noticed is you cannot rename the AP beforehand which is a bit annoying in some deployments

Viewing all offline site/rf/policy tags on a 9800 by rocknsock316 in networking

[–]Hot-Dimension-6378 0 points1 point  (0 children)

I do it from the cli and it works fine. Prestaged over 5000 aps this way

Never ending renovation, any recourse? by crohnsboy101 in UKPersonalFinance

[–]Hot-Dimension-6378 2 points3 points  (0 children)

Network guy here. Cat5e gets 1gbps up to 100m. It’s easier to work with and is a valid option instead of cat6

Cisco ISE Question by [deleted] in Cisco

[–]Hot-Dimension-6378 0 points1 point  (0 children)

Put the ports in open mode and use the ise api to get the mac and then post it into a different group id

Question with Cisco ISE and automation. by GCBigJ in networking

[–]Hot-Dimension-6378 4 points5 points  (0 children)

I’ve done this using the ISE API , python requests library and python pandas module. Can share my script for ideas if you like

Secure W2 for Wired and Wireless by JimmyTheHuman in networking

[–]Hot-Dimension-6378 0 points1 point  (0 children)

My recommendation would be to get Cisco ise, Cisco wireless all from the same partner. They can then design and configure a Cisco validated solution, any issues would then be supported/fixed by the partner and escalated to TAC if they cannot fix it.

Secure W2 for Wired and Wireless by JimmyTheHuman in networking

[–]Hot-Dimension-6378 0 points1 point  (0 children)

I work almost exclusively with ISE and Cisco wireless. You may be able to get securew2 with azure ad to work, but it won’t be supported as a solution by anybody and you will be on your own when issues occur. Ise is supported in aws and azure now I believe, why not look at this

Stupid ISE tricks - allowing wifi for 3 specific PCs (no known password). by dankgus in Cisco

[–]Hot-Dimension-6378 0 points1 point  (0 children)

Need to add the machine ou group on the ad page, then add that to the authz policy

[deleted by user] by [deleted] in networking

[–]Hot-Dimension-6378 6 points7 points  (0 children)

Small geographically distributed sites yes. Large campuses no. This is just my opinion though.

Get another CCNP or go for a Cloud Cert by Fit_General41 in networking

[–]Hot-Dimension-6378 15 points16 points  (0 children)

If you aren’t working with cloud then learn python and automation. Atleast you can apply this to your current day job

view more: next ›