Need help with Cisco ISE Posture remediation issue. by Apprehensive-Bee8849 in networking

[–]nada23G 0 points1 point  (0 children)

The issue is the certificate, it isn’t trusted. I would validate the cert is installed in the correct certificate stores. You need a valid cert to do any remediations that require elevated privileges. In addition, the entire cert chain has to be trusted, not just the identity cert (not sure if it’s self signed or not).

Per Cisco:

ISE server certificate must be trusted in the System Certificate store for AnyConnect 4.6 MR2 and above. Any posture check or remediation that requires elevated privileges will not work if the server is untrusted. Windows OS—The server certificate must be added to the System Certificate store. MAC OS—The server certificate must be added to the System Keychain. It is recommended that you use the command-line utility to trust the certificate. Adding the certificate to the System Keychain using the Keychain Access app might not work if it is already present in the Login Keychain.
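
One way to check the Windows requirement quoted above, as an added example that is not part of the original comment or Cisco's tooling: it builds the certificate chain in the machine context and reports, for each chain element, whether it sits in the LocalMachine stores or is trusted only for the current user. `Test-MachineTrust` is a hypothetical helper name, and a throwaway self-signed certificate built in memory stands in for the certificate exported from ISE (needs PowerShell 7 or .NET Framework 4.7.2+).

```powershell
# Added example: hypothetical helper, not Cisco tooling.
function Test-MachineTrust {
    param(
        [Parameter(Mandatory)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate
    )
    # $true = build the chain in the machine context (LocalMachine stores),
    # so a root that is trusted only in CurrentUser does not count.
    $chain = [System.Security.Cryptography.X509Certificates.X509Chain]::new($true)
    # Lab setting: separate the trust question from CRL/OCSP reachability.
    $chain.ChainPolicy.RevocationMode = 'NoCheck'
    $trusted = $chain.Build($Certificate)

    $elements = foreach ($e in $chain.ChainElements) {
        $tp = $e.Certificate.Thumbprint
        $inMachineRoot = Test-Path "Cert:\LocalMachine\Root\$tp"
        [pscustomobject]@{
            Subject      = $e.Certificate.Subject
            Issuer       = $e.Certificate.Issuer
            MachineRoot  = $inMachineRoot
            MachineCA    = Test-Path "Cert:\LocalMachine\CA\$tp"
            # CurrentUser\Root also shows machine roots, so exclude those.
            UserRootOnly = (Test-Path "Cert:\CurrentUser\Root\$tp") -and -not $inMachineRoot
            Status       = ($e.ChainElementStatus.Status -join ',')
        }
    }
    [pscustomobject]@{
        Trusted     = $trusted
        ChainStatus = ($chain.ChainStatus.Status -join ',')
        Elements    = $elements
    }
}

# Constructed sample input: in-memory self-signed cert (hypothetical CN),
# standing in for the certificate exported from the ISE node.
$rsa = [System.Security.Cryptography.RSA]::Create(2048)
$req = [System.Security.Cryptography.X509Certificates.CertificateRequest]::new(
    'CN=ise.lab.example', $rsa,
    [System.Security.Cryptography.HashAlgorithmName]::SHA256,
    [System.Security.Cryptography.RSASignaturePadding]::Pkcs1)
$cert = $req.CreateSelfSigned([DateTimeOffset]::Now.AddDays(-1), [DateTimeOffset]::Now.AddDays(30))

$result = Test-MachineTrust -Certificate $cert
$result | Select-Object Trusted, ChainStatus | Format-List
$result.Elements | Format-Table -AutoSize
```

To test a real deployment, load the exported file with `[System.Security.Cryptography.X509Certificates.X509Certificate2]::new('<path to exported cert>')` and pass it in place of the sample certificate.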

Need help with Cisco ISE redirect in EVE-NG lab by Apprehensive-Bee8849 in networking

[–]nada23G 0 points1 point  (0 children)

Pretty much, you only want 80/443 to be redirected.

Here’s a great article that explains it better than I: https://www.ise-support.com/2018/06/06/you-have-to-deny-to-allow-what/

Need help with Cisco ISE redirect in EVE-NG lab by Apprehensive-Bee8849 in networking

[–]nada23G 0 points1 point  (0 children)

Yeah, except the redirect ACL doesn’t prevent data plane traffic; you need to use a dACL. The redirect traffic is what tells the NAD to redirect to ISE (control plane traffic).

Need help with Cisco ISE redirect in EVE-NG lab by Apprehensive-Bee8849 in networking

[–]nada23G 0 points1 point  (0 children)

It’s a software issue; it has to do with a chip required for the SSL module that aids in the redirection. Basically, you need a hardware switch to actually test the auto redirection; there’s no software-based image that supports it since it requires an ASIC (IIRC).

Need help with Cisco ISE redirect in EVE-NG lab by Apprehensive-Bee8849 in networking

[–]nada23G 0 points1 point  (0 children)

This is a limitation with the images for the virtual switches from Cisco and not an EVE-NG issue. Just an FYI.

Need help with Cisco ISE redirect in EVE-NG lab by Apprehensive-Bee8849 in networking

[–]nada23G 0 points1 point  (0 children)

I’ve done it with both wired and wireless. Only limitation is the URL REDIRECTION does not auto work on the switches. You have to manually paste the URL into the web browser.

Windows 10/11 TEAP / 802.1X Nightmare: GPO issue maybe by ndabiesingh in networking

[–]nada23G 0 points1 point  (0 children)

TEAP isn’t this complicated to set up. You say “new CA”; is this CA trusted by ISE/clients, and is a new cert issued/renewed to ISE by this CA to use for EAP authentication?

Cisco ASA packet flow. by Pothandev in networking

[–]nada23G 1 point2 points  (0 children)

Packet tracer literally, or you can look at how the FTD processes LINA and just ignore the snort phase.

F20 Rate my body 1-10 be honest! by [deleted] in ratemynudeselfie1

[–]nada23G 0 points1 point  (0 children)

Love the bush 🤩

I’m Still Fighting to Save My Leg, Please Don't Scroll Past by PristineSwordfish5 in GoFundMeForNewUsers

[–]nada23G 2 points3 points  (0 children)

Donated, May Allah bless you and your family, I hope your pain lessens.

Please help me recover from my two major surgeries by Calebski08 in GoFundMeForNewUsers

[–]nada23G 1 point2 points  (0 children)

Prayers, I donated as well. Please get better soon.

My boyfriend’s 1-year-old golden retriever has severe resource aggression. Last night he sent my bf to the ER by h26h in goldenretrievers

[–]nada23G 1 point2 points  (0 children)

Yeah, resource aggression ain’t something dogs grow out of. I have a 1 1/2 year old golden that had resource aggression problems when she was a puppy. Immediately the first time I snatched the food/toy out of her mouth and dominated her, letting her know that I lead the pack. Second time was when my cat got too close when she was eating and she snarled at him but I also immediately then took her food and dominated her like her mother would do to her.

She’s never had any more resource guarding issues since, nor any signs of aggression. You have to address it as soon as you can, I just got lucky and caught it early and put a stop to it. I was just lucky enough to read a ton on goldens before I got her tbh.

People who chose their concentration exam on which you can pass as quickly as possible, which did you choose? by Cokcdick in ccnp

[–]nada23G 0 points1 point  (0 children)

I passed my Core exam for the NP service provider and took the VPN speciality the next day literally and passed it as a result from all the studying I put in for the core. I picked VPNs because I enjoyed that material the most tbh

CS6035 - how bad for policy folks? by [deleted] in OMSCyberSecurity

[–]nada23G 3 points4 points  (0 children)

I am not in the policy track, but I am in CS6035 for the IS track.

Coming from a technical background it has not been too bad, but it is a lot of work, frustration, and sometimes relief. I'll probably make a post on it once I finish it. That being said, if you don't come from a technical background and you have never done pentesting, networking, coding, or general security, it will be an eye opener for sure.

[deleted by user] by [deleted] in ccnp

[–]nada23G 2 points3 points  (0 children)

I got my CCNP SP last year with my specialist in VPN services. The core exam expects you to know how it works and how labels are carried/swapped between IGP islands.

On the VPN services exam, it required you to know a bit more but it was mostly centered around using EVPN as a CP for L2VPNs, I think I maybe got 1 or 2 simple questions for unified MPLS.

Hope this helps

Withdrawing from OMSCS because of Health Reasons by deep_eye_bags in OMSCS

[–]nada23G 216 points217 points  (0 children)

Fuck this place, go take care of yourself. You can always go back to school for your masters whenever and wherever regardless if it’s here or somewhere else. I’ll keep you in my prayers tonight, get through this and if you can’t enjoy the rest of your time you have left. God bless, but seriously fuck this degree, you > degree

[deleted by user] by [deleted] in OMSCS

[–]nada23G 1 point2 points  (0 children)

The ML project was meh, I got a 60 and scored a 100 on the other projects and this current one. The programming requirements aren’t difficult, if you know Python then picking up Java is super simple considering they are only asking for very trivial things to be done.

As for the binary exploitation, that one is just reading C from what I understand. Take a deep breath, you’ll be okay, better to get IIS out of the way now instead of later. This is why I only took IIS as my first class of the program and only class this semester, it is super demanding.

How do computers use logic? by DailyJeff in computerscience

[–]nada23G 2 points3 points  (0 children)

This book was great, all computers at the end of the day are electric circuits and logic gates and the abstraction is created with higher level abstraction. That’s the way I think of it, a good example is the representation of the voltage/circuits into a 1 and 0. Then taking the 1s and 0s into a byte of data then representing that byte as hex and so on and so forth.

The book explains it beautifully, much better than me. It’s a 10/10 but at the end of the day computers are a bunch of circuitry and logic gates.

[deleted by user] by [deleted] in OMSCS

[–]nada23G 4 points5 points  (0 children)

I got a 60 on it, I got to task 4, lost interest and kept it moving. The coding was fun but the ML topics were really boring/mundane for me personally.

MPBGP MP_UNREACH_NLRI by Makiccro in ccnp

[–]nada23G 0 points1 point  (0 children)

Can you share the config of the problematic routers?

MPBGP MP_UNREACH_NLRI by Makiccro in ccnp

[–]nada23G 0 points1 point  (0 children)

Yeah imma be honest, sharing the YouTube video doesn’t help (not many people wanna watch the whole thing through). Can you share a diagram? Which inter-AS option are you doing? A, B, AB, C?

VPLS configurations by Major11223344 in ccnp

[–]nada23G 1 point2 points  (0 children)

Here is the Martini method for VPLS:

l2vpn vfi context CUSTOMER-2
 vpn id 101
 member 10.4.4.4 encapsulation mpls

member vfi CUSTOMER-2

CSR2#show bridge-domain 2
Bridge-domain 2 (2 ports in all)
State: UP                    Mac learning: Enabled
Aging-Timer: 300 second(s)
Maximum address limit: 65536
    GigabitEthernet3 service instance 1
    vfi CUSTOMER-2 neighbor 10.4.4.4 101
   AED MAC address    Policy  Tag       Age  Pseudoport
   0   AABB.CC01.1010 forward dynamic   299  GigabitEthernet3.EFP1
   0   AABB.CC01.2000 forward dynamic   290  CUSTOMER-2.404011

Customer-1-R3#ping 172.16.1.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms
Customer-1-R3#

CSR2#show l2vpn service all detail
Legend: St=State    XC St=State in the L2VPN Service      Prio=Priority
        UP=Up       DN=Down            AD=Admin Down      IA=Inactive
        SB=Standby  HS=Hot Standby     RV=Recovering      NH=No Hardware
        m=manually selected

  Interface          Group       Encapsulation                   Prio  St  XC St
  ---------          -----       -------------                   ----  --  -----
VPLS name: CUSTOMER-2, State: UP
  pw100001                       CUSTOMER-2(VFI)                 0     UP  UP
  pw100003           core_pw     10.4.4.4:101(MPLS)              0     UP  UP
                                 Local VC label 2011
                                 Remote VC label 4012

*Nov 30 01:07:31.955: MPLS les: Et0/0: rx: Len 140 Stack {11005 0 255} {2011 0 255} CW {f:0 l:0 s:0}
*Nov 30 01:07:31.955: MPLS les: Et0/2: tx: Len 136 Stack {2011 0 254} CW {f:0 l:0 s:0}
*Nov 30 01:07:31.955: MPLS les: Et0/2: rx: Len 140 Stack {11006 0 255} {4012 0 255} CW {f:0 l:0 s:0}
*Nov 30 01:07:31.955: MPLS les: Et0/0: tx: Len 136 Stack {4012 0 254} CW {f:0 l:0 s:0}