AnyConnect 4 – Plus and Apex Licensing Explained
KB ID 0001013 Problem (Updated 11/05/21) Before version 4 we simply had AnyConnect Essentials and Premium licensing, now we have Plus and Apex licensing. AnyConnect Plus and Apex There are in fact three licensing options; Cisco AnyConnect Plus Subscription Licenses Cisco AnyConnect Plus Perpetual Licenses Cisco AnyConnect Apex Subscription Licenses NEW VPN Only perpetual Licences Plus and Apex Contain; AnyConnect PLUS (Cisco pitch...
Deploying Certificates via ‘Auto Enrollment’
KB ID 0000919 Problem SHA CERTIFICATE WARNING: Note This article was written some time ago, ensure your CA environment does NOT use SHA1 for your certificates, if it does, Please visit the following link for migration instructions; Upgrade Your Microsoft PKI Environment to SHA2 (SHA256) I need to setup wireless authentication based on computer certificates, I’ve done similar jobs before by manually issuing certificates for Cisco...
Cisco ISE – Basic 802.1x With Windows Part One (Active Directory Integration)
KB ID 0001074 Problem To carry out this procedure you should have your ISE appliance deployed, with all the basic settings on it. Over the next few articles I’m going to connect the ISE appliance to Active Directory, then configure the ISE Appliance for 802.1x. Configure RADIUS on both the appliance, and on my Cisco Switches. Then finally configure Windows Group Policy to enable the clients to authenticate to 802.1x. Solution 1....
Cisco ISE – Basic 802.1x With Windows Part Two – Configuring 802.1x Policies
KB ID 0001075 D Problem Back in Part One, we joined Cisco ISE to Active Directory, now we we will take the built in ISE policies and change them. This will allow our clients to authenticate, with the correct protocols. Solution 1. By default ISE will use pretty much any available protocol, we are going to use PEAP, although I’m also going to allow EAP-TLS (it’s more secure and if I start rolling out certificates I’ve...
Cisco ISE – Basic 802.1x With WindowsPart Four – Configuring The Windows Clients (Supplicants)
KB ID 0001083 Problem Back in Part Three we setup the switches ready to plug in our clients. I’m going to configure the Windows clients by Group Policy. But I suggest you carry out tests using single Windows clients and LOCAL policy until you know you have everything setup correctly. WARNING: Rolling this out without adequate testing, can resolve in all your Windows clients falling off the network Solution 1. On a DC or a...