![[Day 14] Cisco ISE Mastery Training: Setting Up a Test Switch for Authentication](https://networkjourney.com/wp-content/uploads/2025/08/Day-14-Cisco-ISE-Mastery-Training-Setting-Up-a-Test-Switch-for-Authentication.png)
Introduction In Cisco ISE deployments, a Test Switch is your lab’s workhorse. Before rolling NAC (802.1X/MAB) into production, you need a safe environment to test authentication policies, VLAN assignments, and posture checks.This session walks you through configuring a switch from scratch to talk to ISE, […]
Introduction In large networks, managing administrative access to switches, routers, and wireless controllers requires strong authentication, granular authorization, and complete activity logging. This is where Cisco ISE Device Administration via TACACS+ shines — it centralizes control, ensures compliance, and gives security teams full visibility into […]
Introduction TACACS+ (Terminal Access Controller Access Control System Plus) is the go-to protocol for device administration control in enterprise networks. Unlike RADIUS, which is primarily for network access (wired/wireless), TACACS+ is designed for controlling administrative access to routers, switches, firewalls, and other network gear. In […]
![Ticket#19 – DHCP Clients Getting APIPA Address: Troubleshooting DHCP Snooping and Relay Agent Issues [CCNP ENTERPRISE]](https://networkjourney.com/wp-content/uploads/2025/07/Ticket19_DHCP-Clients-Getting-APIPA-Address-Troubleshooting-DHCP-Snooping-and-Relay-Agent-Issues_networkjourney.png)
Problem Summary A new VLAN was added for a temporary training lab. Clients connected successfully but were not receiving IP addresses from the DHCP server. Instead, they self-assigned APIPA addresses (169.254.x.x), making them unable to reach the internet or internal resources. Initial pings to the […]
![Ticket#23: SSL VPN Users Cannot Reach Internal Resources – Split Tunnel ACL Error Fixed [CCNP Enterprise]](https://networkjourney.com/wp-content/uploads/2025/07/Ticket23-SSL-VPN-Users-Cannot-Reach-Internal-Resources-–-Split-Tunnel-ACL-Error-Fixed_networkjourney.png)
Problem Summary Users working remotely via Cisco AnyConnect VPN reported that while the VPN connection establishes successfully, they are unable to access any internal servers, applications, or file shares (e.g., 10.10.0.0/16 or 192.168.1.0/24). Symptoms Observed Root Cause Analysis Upon investigating the ASA config and using […]
![From Zero to Secure: 802.1X + MAB CLI Walkthrough with Labs[CCNP ENTERPRISE]](https://networkjourney.com/wp-content/uploads/2025/06/nj-blog-post-802.1.jpg)
I am going to simplify one of the most powerful port-based access control mechanisms in enterprise networking — 802.1X with MAB (MAC Authentication Bypass). When configured properly, it ensures secure access for both corporate-managed devices and non-802.1X-capable endpoints like printers, IP phones, or legacy hardware. […]
