Posts

Showing posts from January, 2020

Installing Cisco Context Directory Agent

-
Image
In this article we will take a look at how to install the Cisco Context Directory Agent (CDA) for use with Identity Based Firewalls. In this demonstration, we will be installing CDA using VMware ESXI. A few important things to note: VMXNET 2 & 3 Interfaces are not supported and E1000 types must be used Resource requirements will depend on the intended use of CDA. In this demonstration we are using the minimum recommended requirements which will be covered below. CDA must be able to communicate with Active Directory domain controllers, devices that are going to interact with CDA and any Syslog servers that will be used. CDA communicates with domain controllers on RPC 135 initially before domain controllers establish connectivity on higher ports dynamically. Resource specification used as per recommended minimum hardware requirements for VMware: 2 Virtual Processors 2GB RAM (We are using 4GB RAM for this demonstration) 120GB HD Space E1000 NIC Linux 64-Bit Other OS Once powered on se
Read more

Integrate ISE with Cisco Prime

-
Image
In this demonstration I will show you how to add Cisco ISE to Cisco Prime. The following equipment has been used in this demonstration: Cisco Prime 3.5 Cisco ISE 2.6 (Standalone) Navigate to Administration > Servers > ISE Servers On the right-hand side of the screen, click on 'Select a command' and select option 'Add ISE Server' followed by 'Go'. Enter the required settings for your Policy Admin Node (PAN) and click 'Save' once done. Once complete, return to 'ISE Servers' where you should see the ISE server that you've added.
Read more

How to Install a CA-Signed Certificate to Firepower Management Centre

-
Image
In this article we will take a look at how to generate a Certificate Signing Request (CSR) for your Firepower Management Centre (FMC) before taking a look at how we then complete the request and install the CA-signed certificate. In order to complete the above, you will need access to the following: FMC with Admin rights CA Server with Admin rights The following hardware and software is used for this demonstration: FMCv version 6.5 Microsoft Server 2019 Generate the CSR on the FMC 1. Once logged into the FMC, navigate to System > Configuration > HTTPS Certificate 2. Click 'Generate New CSR' 3. Enter the relevant details for your organization. The device name should already be pre-populated within the Common Name field. Once the fields are populated, click 'Generate' . 4. When the box appears with the Base-64 Encoded CSR, copy the text into a notepad. 5. With access to your CA-Server, access the relevant location where certificates are generated. In this example w
Read more