Endpoint Captive Portal Detection - Why?

This blog assumes that you have a general understanding of ISE Central Web Authentication. Endpoint Captive Portal Detection plays a critical role in improving the end-user experience when connecting to a captive portal protected WiFi network, such as an ISE CWA protected WiFi network. The captive portal detection brings to the attention of the user that...

Access lists and SVIs have been around forever, and while applying access lists to physical interfaces seems to logically sink it quite easily, access lists on SVIs interfaces seem to trip people up. This blog will cover that scenario as well as some other access list basics, hopefully by the end you’ll find the concepts cemented.

I wanted to cover a new IOS feature that I learned during Cisco Live. VOIP Trace for CUBE is a new feature that can help engineers troubleshoot issues on CUBE deployments. It’s enabled by default, but you will need at least IOS-XE 17.3.2 or higher.

In my last nslookup blog, I talked about some basic DNS troubleshooting. If you missed it, here’s the link. This time, I wanted to dive in to how I use nslookup for email info gathering and troubleshooting.

Firepower FTD Remote Access VPN SSO using SAML and Azure AD, with Azure AD Conditional Access to Duo 2FA, and Cisco ISE for Authorization and Group Policy Assignment

There are multiple components to this solution, and while there are a few different approaches to accomplish the end goal, I wanted to focus on a solution that didn’t require an onsite Duo Authentication Proxy server. This blog will...

I was upgrading a Catalyst 3850 48 port switch from version 03.07.01E to version 16.12.07. I’ve done this upgrade quite a few times. Followed the Cisco upgrade procedures that you find online when you download your software file. I always have them open, or the command needed to start the upgrade process. Console access showed me that my switch after my reload ended up in ROMMON mode.

In the first entry of this series, we looked at the high-level mechanics involved in using AnyConnect with the ISE Posture module to perform endpoint host inspection (posture) when connecting to an AnyConnect VPN head-end (ASA/FTD). In the second entry of this series, we narrowly focused on getting the ISE posture module provisioned. In the third entry, we took stock of all the available posture...

Whether you’re migrating from On Prem Call Manager to WebEx Calling, Spark to WebEx Calling or just have some old phones you want to add to your WebEx Calling Deployment; you will need to convert your phones from their Enterprise Firmware to the cloud supported MPP firmware.

Cisco Meraki recently introduced the MG series Cellular Gateways to be a reliable solution as a backup internet uplink. In the event that the primary internet uplink goes down, the MG gateway will provide high availability for internet connectivity via wireless WAN connectivity using a cellular network. The MG Series also simplifies configuration and management using Meraki’s dashboard.

You read that right! At Cisco Live this year they introduced the ability to add Catalyst switches to the Meraki dashboard. Finally a use for the unused DNA licenses! The switches are monitored in read-only mode, so you still need to manage the switches the old fashioned way, however Meraki's traffic analysis and troubleshooting tools are available for use. This is great for Catalyst owners who do...