Gents,
The scenario: Cisco AP in Flex Connect Local-Switching and authenticating
802.1x against ISE without incident. No special considerations necessary,
EAP-FAST(EAP-TLS), anonymous PAC provisioning. When the wireless deployment
changes to local-mode, 802.1x authentication for the AP breaks.
Are you using Virtual WLC? I was told by an engineer from Wireless that if you
are running Virtual WLC, you must run FlexConnect.
Mike Rojas
From: sheaha...@gmail.com
To: ccie_security@onlinestudylist.com
Date: Fri, 13 Dec 2013 09:46:33 -0500
Subject: [OSL | CCIE_Security] 802.1x AP
Hi Mike. No I am not using vWLC, but that's good info that I'll have to keep
in mind going forward. Thanks for your response.
Kevin Sheahan
CCIE # 41349 (Security)
From: Mike Rojas [mailto:mike_c...@hotmail.com]
Sent: Friday, December 13, 2013 2:13 PM
To: Kevin Sheahan;
Guys
*New VOD Products: CCIE Wireless Security Lab Essentials VOD :: “Next
Generation”
Hi Guys,
The big day is coming and here are some questions that I am having once it
is going to be my first attempt.
1. When configuring ACLs in ASA for ICMP, NTP, TELNET, etc. if the question
is not mentioning, how much specific do we need to be (e.g. any/any;
10.0.0.0/24; host) ?
2. Like in
Hi Kent,
I just took my lab (2nd attempt) today.
1. For icmp, you can do any any. For anything else, I’d keep it as specific as
possible.
For example, you almost always need to do NTP. I guess you could do permit udp
any host ntpserverip eq 123, but I always do the more specific hosts just in
