Mike Courtney
Author Archives: Mike Courtney
- Home → Author's archive:
Mike Courtney
Campus design feature set-up : Part 6
I’ve been going through how to set up the CL 3.7.5 campus feature: Multi-Domain Authentication in a 6-part blog series and I’m happy to say we’ve made it to the last one.
If you’ve stuck with me through this series, you’d know that in blogs 1-5 we had guides for Wired 802.1x using Aruba ClearPass, Wired MAC Authentication using Aruba ClearPass, Multi-Domain Authentication using Aruba ClearPass, Wired 802.1x using Cisco ISE and Wired MAC Authentication using Cisco ISE
Now that we’re at the end of the road, this final guide will enable Multi-Domain Authentication in Cumulus Linux 3.7.5+ using Cisco ISE (Identity Services Engine) 2.4, Patch 8.
Keep in mind that this step-by-step guide assumes that you have already performed an initial setup of Cisco ISE and read part four and part five of this blog series.
Over the past year, Cumulus Networks has made a concerted effort to expand the breadth and scope of the campus features within Cumulus Linux. Hot off the press in 3.7.5 is one of those features, Multi-Domain Authentication (MDA).
Classically, MDA allows for a Voice VLAN and Data VLAN to be configured Continue reading
Campus design feature set-up : Part 5
In this blog series, we’ve been on a journey of sorts. We’ve shown you all the different ways to set up the CL 3.7.5 campus feature: Multi-Domain Authentication in this 6-part series and guess what? We’re getting into the home stretch!
In blogs 1-4 we had guides for Wired 802.1x using Aruba ClearPass, Wired MAC Authentication using Aruba ClearPass, Multi-Domain Authentication using Aruba ClearPass and Wired 802.1x using Cisco ISE. After this blog, we’ll just have one more covering. Multi-Domain Authentication using Cisco ISE. But we’re not here to talk about those now.
In this fifth guide, I’ll be sharing how to enable Wired MAC Authentication in Cumulus Linux 3.7.5+ using Cisco ISE (Identity Services Engine) 2.4, Patch 8.
Keep in mind that this step-by-step guide assumes that you have already performed an initial setup of Cisco ISE .
Cisco ISE Configuration:
1. Add a Cumulus Switch group to Cisco ISE:
First, we are going to add a Network Device Group to Cisco ISE:
Administration > Network Resources > Network Device Groups. Click the “+Add” button
Make sure to set the “Parent Group” to “All Device Types.” The result will look Continue reading
Campus design feature set-up : Part 4
In case you’ve missed the first three blogs, I’ve been showing you how to set up the CL 3.7.5 campus feature: Multi-Domain Authentication. This is a 6-part blog series and we’re officially past the half-way point.In blogs 1-3 we covered Wired 802.1x using Aruba ClearPass, Wired MAC Authentication using Aruba ClearPass, Multi-Domain Authentication using Aruba ClearPass. We’ll also have guides for Wired 802.1x using Cisco ISE, Wired MAC Authentication using Cisco ISE, and Multi-Domain Authentication using Cisco ISE. So yes, we’ve got all the bases covered.
In this fourth guide, I’ll be sharing how to enable wired 802.1X authentication in Cumulus Linux 3.7.5+ using Cisco ISE (Identity Services Engine) 2.4 Patch 8.
Keep in mind that this step-by-step guide assumes that you have already performed an initial setup of Cisco ISE.
Cisco ISE Configuration:
1. Add a Cumulus Switch group to Cisco ISE:
First, we are going to add a Network Device Group to Cisco ISE:
Administration > Network Resources > Network Device Groups. Click the “+Add” button
Make sure to set the “Parent Group” to “All Device Types.” The result will look like the following:
2. Adding Continue reading
Campus design feature set-up : Part 3
We’ve said it before but since it’s important we’ll say it again. Shared knowledge makes for a stronger ecosystem! With this in mind, I’m showing you how to set up the CL 3.7.5 campus feature: Multi-Domain Authentication in a 6-part blog series.
In this series we’re covering it all: Wired MAC Authentication using Aruba ClearPass, Multi-Domain Authentication using Aruba ClearPass, Wired 802.1x using Cisco ISE, Wired MAC Authentication using Cisco ISE, and Multi-Domain Authentication using Cisco ISE.
This third guide is how to enable Multi-Domain Authentication in Cumulus Linux 3.7.5 + using Aruba ClearPass 6.7.x.
Keep in mind that this step-by-step guide assumes that you have already performed an initial setup of Aruba ClearPass and read the following Wired 802.1x using Aruba ClearPass and Wired MAC Authentication using Aruba ClearPass.
Over the past year, Cumulus Networks has made a concerted effort to expand the breadth and scope of the campus features within Cumulus Linux. Hot off the press in 3.7.5 is one of those features, Multi-Domain Authentication (MDA).
Classically, MDA allows for a voice VLAN and data VLAN to be configured independently on the same switch port for a VoIP Continue reading
Campus design feature set-up : Part 2
To catch you up to speed quickly, I have a six-part blog series that will show you how to set up the CL 3.7.5 campus design feature: Multi-Domain Authentication.
We’ll cover it all: Wired 802.1X Authentication using Aruba ClearPass, Wired MAC Authentication using Aruba ClearPass, Multi-Domain Authentication using Aruba ClearPass, Wired 802.1x using Cisco ISE, Wired MAC Authentication using Cisco ISE, and Multi-Domain Authentication using Cisco ISE.
In the last blog, I showed you how to enable wired 802.1X authentication in Cumulus Linux 3.7.5+ using Aruba ClearPass 6.7.x. In this second guide, I’ll be sharing is how to enable wired MAC Authentication in Cumulus Linux 3.7.5+ using Aruba ClearPass 6.7.x.
Keep in mind that this step-by-step guide assumes that you have already performed an initial setup of Aruba ClearPass.
Aruba ClearPass Configuration:
1. Add the Cumulus Switch to ClearPass
First, we are going to add this specific Cumulus Network switch to ClearPass. Go to the following:
Configuration > Network > Devices. Click “+Add” in the top right-hand corner
Fill in the appropriate IP Address, Description, and Shared Secrets. For simplicity sake, set the “Vendor Name” to Continue reading
Campus design feature set-up : Part 1
Shared knowledge makes for a stronger ecosystem and with this in mind, I’m going to show you how to set up the CL 3.7.5 campus feature: Multi-Domain Authentication in a 6-part blog series.
We’ll cover it all: Wired MAC Authentication using Aruba ClearPass, Multi-Domain Authentication using Aruba ClearPass, Wired 802.1x using Cisco ISE, Wired MAC Authentication using Cisco ISE, and Multi-Domain Authentication using Cisco ISE.
The first guide I’ll be sharing is how to enable wired 802.1X authentication in Cumulus Linux 3.7.5+ using Aruba ClearPass 6.7.x.
Keep in mind that this step-by-step guide assumes that you have already performed an initial setup of Aruba ClearPass.
Aruba ClearPass Configuration:
1. Add the Cumulus Switch to ClearPass
First, we are going to add this specific Cumulus Network switch to ClearPass. Go to the following:
Configuration > Network > Devices. Click “+Add” in the top right-hand corner
Fill in the appropriate IP Address, Description, and Shared Secrets. For simplicity sake, set the “Vendor Name” to “Cisco.”
2. Adding the Cumulus Switch to a Device Group
Configuration > Network > Device Groups. Click “+Add” in the top right-hand corner
We are Continue reading
Step-by-step instructions for DHCP configuration on Windows
Here at Cumulus, we try to offer a lot of different tutorials for engineers to learn basic open networking commands and configurations, all the way up to advanced configurations (our how-to videos are a great example). But sometimes I find that there are some critical configurations where your desktop OS is a major player in how you configure. So for that reason, this blog post we will configure ONIE and Cumulus ZTP (Zero-Touch Provisioning) IPv4 DHCP Options on a Windows 2016 Server (this should also work with Windows 2012). I’ve broken this up into simple step-by-step instructions so it’s easy to follow.
The first thing we will do is create the options needed for Cumulus Linux.
1. To begin, right click on IPv4 and select “Set Predefined Options…”
2. Next, click the “Add” button:
Fill in the Option Type dialog box with the following:
Name: “default-url”
Data type: String
Code: “114”
Description: “Cumulus Binary Install”
Next, click “OK”
3. Clicking on the “OK” button will present you with the following dialog box that will require a String Value:
The “String Value” is the URL towards a binary image of Cumulus Linux.
4. Repeat “Step #2” in order to Continue reading
Switch stacking for campus design: There’s a better way
We often receive the following campus design question: “do you support switch stacking?” This is a fair question, as many of the legacy vendors have promoted stacking designs for the past decade. It’s popular enough that people ask for it, so we must support it, right?
Well, the popular option isn’t always the best one, and switch stacking designs are a very good example of that philosophy. So when people ask if we support stacking, we think to ourselves “heck, no” before politely telling them that we do not because better options exist.
“Perfection is attained, not when there is nothing more to add, but when there is nothing more to take away.”
At Cumulus Networks, we believe that simplicity is the corner-stone of network design.
Or, to say it another way, complex designs fail in complex ways (shoutout to Eric Pulvino for that quote!). Our former Chief Scientist, Dinesh Dutt, gave an excellent explanation around the importance of simple building blocks in his Tech Field Day 9 Presentation (6min 50 seconds in).
Let’s address a little history on switch stacking and then break down the major technical downfalls of a stacking design, the stacking protocol itself, Continue reading