Tarik Admani

Member Since: Jul 28, 2010

English
Tarik Admani commented on Anyconnect, how do I retrieve username from subject alternative name / SAN / DNS name attribute of certificate in VPN 2 months ago

Did you open a tac case for this? I guess my only option is to have them create another template to...

Tarik Admani commented on Anyconnect, how do I retrieve username from subject alternative name / SAN / DNS name attribute of certificate in VPN 2 months ago

Just checking here to see if you were able to get the name pulled using the lua script. Thanks,

Tarik Admani commented on ISE DACL entry limitation on ASA VPN device? in AAA, Identity and NAC 7 months ago

Can you clarify the workaround was there a firewall between ISE and the ASA you were pushing the...

Tarik Admani commented on Guest Wireless portal :- URL redirection to the client is not happened in AAA, Identity and NAC 8 months ago

No you shouldnt have to because the CWA detection on the controller should allow dhcp and dns...

Tarik Admani commented on Guest Wireless portal :- URL redirection to the client is not happened in AAA, Identity and NAC 8 months ago

The ACL entry can be blank on the foreign controller since the acl that is enforced is on the...

Tarik Admani commented on Anyconnect to ASA - ACS - RSA tokens in AAA, Identity and NAC 8 months ago

Configure the ACS server to use the rsa identity source for the vpn authentications. You may need...

Tarik Admani commented on ISE 1.2 Remediation Beta 1.3.19 in FireSIGHT System / 3D System 8 months ago

Thanks for sharing, do you know when these modules will be available on cco? I am looking to...

Tarik Admani commented on Multiple Data VLAN + ISE in AAA, Identity and NAC 1 year ago

You don't send vlan info. Just use the interface group feature in the link I provided.

Tarik Admani commented on permit only one identity on ISE 1.3 in AAA, Identity and NAC 1 year ago

Jan is correct if you want to add an an additional layer you can use CWA chainin where the user...

Tarik Admani commented on Multiple Data VLAN + ISE in AAA, Identity and NAC 1 year ago

Try using interface groups and send an access accept. http://www.cisco.com/c/en/us/td/docs/wireless...

Tarik Admani commented on Cisco Anyconnect messages customization - ISE setup in AAA, Identity and NAC 1 year ago

You can download the translation file from the anyconnect downloads or use asdm to customize the...

Tarik Admani commented on Unable to modify or add additional SMS gateways based an SMS Email Gateway (bug) in AAA, Identity and NAC 1 year ago

Was this working for you before, i think the bug is in the description because all cisco did was...

Tarik Admani commented on Unable to modify or add additional SMS gateways based an SMS Email Gateway (bug) in AAA, Identity and NAC 1 year ago

Do you have the bug details? This will help customers open cases against the bug to prioritize its...

Tarik Admani commented on Problem with Secondary Cisco ASA 5525X SFR and Firesight in FireSIGHT System / 3D System 1 year ago

There is a bug that has been fixed which is related to the heartbeat issues between the ASA and the...

Tarik Admani commented on ACS 4.2 running on Windows 2008 Server 32-bit? in AAA, Identity and NAC 1 year ago

From the the installation guide it states that 2008 standard edition is supported - http://www....

Tarik Admani commented on ISE Radius probe and ios device-sensor question in AAA, Identity and NAC 1 year ago

I wonder if the debugs are not displaying correctly, did you try running the tcp dump on the PSN to...

Tarik Admani commented on ISE Client Provisioning in AAA, Identity and NAC 1 year ago

I try to deploy seperate ssids for mobile and corporate (posture) networks, this helps to not rely...

Tarik Admani commented on ACS v5 Distributed Deployment in AAA, Identity and NAC 1 year ago

Seems like it is needed for the java subsystem to register and collect data from here is some...

Tarik Admani commented on ISE CWA in foreign / anchor WLC deployment - usernames missing in AAA, Identity and NAC 1 year ago

You will only see the username on the initial CWA authentication, once the client disconnects and...

Tarik Admani commented on ASA AnyConnect DAP and ISE in AAA, Identity and NAC 1 year ago

Check in the cisco anyconnect administrator guide because you can not run the hostcan which comes...

Tarik Admani commented on ISE integration with XenMobile in AAA, Identity and NAC 1 year ago

Joe,Can you try to paste that url in your browser and see what error you get? You will be asked to...

Tarik Admani commented on ISE integration with XenMobile in AAA, Identity and NAC 1 year ago

I have spent some time troubleshooting this in the past with other vendors, when you debug the mdm...

Tarik Admani commented on Black screen on laptops Dell E5440 after Cisco Anyconnect NAM installation in Network Management 1 year ago

Hi,I am running into an issue but not with the black screen, we noticed the screen flickers and the...

Tarik Admani commented on How to Obtain Rehost Ticket of Cisco CAS? in AAA, Identity and NAC 1 year ago

You will have to open a case through cisco licensing and they should be able to walk you through...

Tarik Admani commented on ISE 1.2.1 - RADIUS service down after Promoting Secondary PAN in AAA, Identity and NAC 1 year ago

Based on your description this looks like expected behavior and it is documented in the guide below...

Tarik Admani commented on ISE Network Interfaces in AAA, Identity and NAC 2 years ago

The ISE interfaces do not and should not route between it's interfaces. They have to exist on...

Tarik Admani commented on ACS 5.4 Access Policies Problem in AAA, Identity and NAC 2 years ago

I ran into this issue as well on my ACS 5.4 and never found a bug that matched. I ended up...

Tarik Admani commented on Does ISE support wild card entries for Network devices? in AAA, Identity and NAC 2 years ago

In addition to what Neno suggested. You can add the entire /8 network and set an authorization...

Tarik Admani commented on ISE cannot push the profile to the cisco network setup assistant? in AAA, Identity and NAC 2 years ago

See if you can add all the ports that the NSP client needs to touch ISE. Also if you have some time...

Tarik Admani commented on ACS how to limit AD max user sessions in AAA, Identity and NAC 2 years ago

Dash,You can leverage the group mapping feature where members of a certain AD group are mapped to a...

Tarik Admani commented on Does ISE support wild card entries for Network devices? in AAA, Identity and NAC 2 years ago

What version of ISE are you on? There isnt a maximum number of network devices listed anywhere but...

Tarik Admani commented on CIsco ISE - HP Openview monitoring. in AAA, Identity and NAC 2 years ago

You have the ability to configure a syslog server, I am not familiar with HP Open view but with...

Tarik Admani commented on Radius problem after first server failed in AAA, Identity and NAC 2 years ago

If you have the radius-server deadtime configured then the switch will wait till that timer expires...

Tarik Admani commented on ACS 5.4.0.46a and appliance 3495 ??? in AAA, Identity and NAC 2 years ago

Your point is understood and based on the release notes it most likely isnt supported.

Tarik Admani commented on MAB/802.1x and Alkatel IP Phones in AAA, Identity and NAC 2 years ago

I have a couple of questions regarding the behavior of the phone.In most cases endpoints will not...

Tarik Admani commented on Does ACS 5.5 support RSA AM 8.1 ? in AAA, Identity and NAC 2 years ago

I think the information you are looking for below:http://www.cisco.com/c/en/us/td/docs/net_mgmt/...

Tarik Admani commented on ISE Deployment in AAA, Identity and NAC 2 years ago

We need to make sure which route you plan to use to insure that the device is connected. You can...

Tarik Admani commented on ise prevent user frm accessing via both wireless and wired nw in AAA, Identity and NAC 2 years ago

You can accomplish through the cisco anyconnect NAM supplicant, by default when a wired connection...

Tarik Admani commented on Massive EAP abondon and Radius packet already in progress errors in AAA, Identity and NAC 2 years ago

Chris,There is a bug on the cisco release notes that matches your description that was fixed in...

Tarik Admani commented on No ISE licenses consumed for active telnet sessions to NAC switches? in AAA, Identity and NAC 2 years ago

I have also seen this before. I will need to double check in the lab but I dont think the counter...

Tarik Admani commented on Guest portal in distributed setup in AAA, Identity and NAC 2 years ago

I have had customers submit the multi san csrs if that is your question and it isnt a problem. When...

Tarik Admani commented on Guest portal in distributed setup in AAA, Identity and NAC 2 years ago

The generic option will not scale across multiple PSNs, I ran into this issue when 1.2 first came...

Tarik Admani commented on MAB/802.1x and Alkatel IP Phones in AAA, Identity and NAC 2 years ago

I have run into this issue before, there is a command on the switch port so that if authentication...

Tarik Admani commented on ACS 5.4.0.46a and appliance 3495 ??? in AAA, Identity and NAC 2 years ago

Frank,It looks as if support for the 3415 was released in 5.4 and 3495 in 5.5. http://www.cisco.com...

Tarik Admani commented on Connection Limitation with same AD credential on ISE in AAA, Identity and NAC 2 years ago

Are you looking to restrict access to only corporate assets and not allowing the same credentials...

Tarik Admani commented on ISE Certificate SAN in AAA, Identity and NAC 2 years ago

The CN has to be in the certificate field, I do not know how you can get passed this requirement....

Tarik Admani commented on CWMS Self Signed Certificate in Conferencing 2 years ago

I wanted to know if anyone has run into this issue before. I do not think each of the boxes need...

Tarik Admani commented on ISE 1.2 CWA Redirect URL in AAA, Identity and NAC 2 years ago

In ISE 1.2 under the results for authorization, there is a checkbox below the redirect setting. I...

Tarik Admani commented on Import Steel Belted Radius users to ACS in AAA, Identity and NAC 2 years ago

If you can export a list of the user accounts you can take the user names and download the import...

Bio

I started my career in 2004 working in the railway industry. I started of an assistant signal supervisor and eventually became a manager of network control systems. Not only was my role important for velocity and throughput, it's main purpose was to provide safety.

I decided to take another challenge and developed an interest in network security. I started working at Cisco as an intern and quickly grasped the concept of Cisco IOS, Cisco PIX technology. I moved up to the AAA tac at Cisco and worked my way up to a technical lead.

I am presently working for National Partner specializing in network security. I am staying busy with the high demand for ISE. I also still manage a few vpn and firewall projects as well.








  • Cisco Designated VIP

    2014 Security





  • Cisco Designated VIP

    2013 Security





  • Community Spotlight Award

    Mobile App Contributor September 2012





  • Community Spotlight Award

    Doc/Video August 2012









Tarik Admani's Stats

Points3154
Discussion started 18
Answers marked as Correct 314
Endorsed 2
Content Rated 68