After IOS XE switch upgrade from 3.6.x to 16.9.x I lost port-channel configuration. While trying to apply it back on to the interface I got this error Command rejected: conflicts with IPv6 Snooping (FHS). This can be a potentially dangerous situation if the upgrade was done on the remote switch …
Blog Posts
Another addition to posting about DUO and ISE integration. This time it is about password change. After researching various option I came across the following 3 solutions. 1. Add a dedicated connection profile, call it Password_Reset and authenticate users directly to LDAP or ISE. This works OK for this setup …
In continuation to my previous post about DUO and ISE integration, I came to a problem where I had to integrate ISE posture into the mix. Passing standard Radius attributes with the existing setup was not an issue but since posture required a bit more complicated authentication flow it did …
Recently I was upgrading a stack of Catalyst 9300 switches and one switch ended up in rommon mode. Well, first of all, my stack was not healthy. The second switch had version mismatch so I thought upgrading them all together to a newer version will fix the issue. What happened …
Error message “Profile Installation failed an SSL error has occurred and a secure connection to the server cannot be made.” Cisco bug id CSCvr44568 “BYOD TLS not working for Apple iOS 13”. It appears as a new version of iOS 13.x has a requirement that all certificates in the chain …