How to enable API on Cisco ISE, FMC, and ASA? The first two are easy but ASA was not. Cisco ISE. Follow this link. Very straight forward. Check if working by going to https://ISE_FQDN:9060/ers/sdk. Cisco Firepower Management Center (FMC). Not very intuitive but in the nutshell follow this setup. By …
Blog Posts
I ran into this issue with 3800 AP when trying to join it to Mobility Express (ME) WLC over VPN. AP was one minor version off and was showing up on the ME but with an un-joint state. It also had this error message. AP having MAC Address [“***”] currently …
After IOS XE switch upgrade from 3.6.x to 16.9.x I lost port-channel configuration. While trying to apply it back on to the interface I got this error Command rejected: conflicts with IPv6 Snooping (FHS). This can be a potentially dangerous situation if the upgrade was done on the remote switch …
Another addition to posting about DUO and ISE integration. This time it is about password change. After researching various option I came across the following 3 solutions. 1. Add a dedicated connection profile, call it Password_Reset and authenticate users directly to LDAP or ISE. This works OK for this setup …
In continuation to my previous post about DUO and ISE integration, I came to a problem where I had to integrate ISE posture into the mix. Passing standard Radius attributes with the existing setup was not an issue but since posture required a bit more complicated authentication flow it did …