Links & Notes

GK Labs

Cisco Labs

lab_after_reste.pdf
File Size:	893 kb
File Type:	pdf

Download File

---

character_file.txt
File Size:	0 kb
File Type:	txt

Download File

---

sise_us_labs_1-15_tasks___tips.pdf
File Size:	63 kb
File Type:	pdf

Download File

---

---

Instructor Note:
Can log onto the same delegate pod with same details to takeover pod and fix/demonstrate

---

Notes:
There is some pixelation it it was it is
a) You can change the keyboard via hamburger icon top right

b) Difficult to find pipe (Set keyboard to your country)
      Copy and paste from desktop :)
      Keyboard # is \        shift # is |

d) Click on tab in browser to go back to  pod control page

e)You can open the VM's in their own Window

f) general tips screen size fit to window  exit select device again
​

---

A Pod Reset takes nearly 40 mins
​see video below
Try to avoid (get the labs working :).

---

Config required after
​Pod Reset (10 mins) Video

---

Labs

Green Labs related to the course content (10 hours)
Red Labs Are additional non course related labs (8.25 hours)

---

Lab 0: ​Remote Lab Environment

12 mins

---

Lab 1: ISE Familiarisation and Certificate Usage

49 mins

---

Lab 2: AD and ISS

28 mins

---

Lab 3: Policy Sets, Conditions Studio and Network Devices

53 mins

---

Lab 4: Passive Identity (Easy Connect)

42 mins

                          Can be treated as an Optional  Lab
HOWEVER
!!!BE AWARE!!!! There is some configuration carried out in this lab that is required for future labs
​
a) Move the Switch NAD from Location Test to HQ
​b) Create the Employee Authz Profile & Employee ACL

---

Lab 5: 802.1x: Wired Networks PEAP

20 mins

Some config from lab 4 required to do following labs

---

Lab 6: 802.1x: Wired Networks EAP-FAST

45 mins

---

Lab 7: 802.1x Wireless Networks

42 mins

---

Lab 8: 802.1x MAB

14 mins

---

Lab 9: Central Web Auth 

58 mins

Notes:
a) Difficult to select the graphic for the heading for the mobile portal. Select a different one then reselect original
b) As I did the lab from a pod reset, there is a not about some of the error messages not appearing when connecting to the Guest Wi-Fi

---

Lab 10: Guest Access & Reports Part 1

18 mins

---

Lab 10: Guest Access & Reports Part 2

13 mins

No IPad required, Test is carried out on a BYOD Wireless PC.

​I Recommend using Edge to test access as it is easier to accept certificate for portal than it is for Chrome,  

---

Lab 11: Endpoint Profiling and Reports

43 mins

Return to the command 
"show device-sensor cache all"
It showed no output originally but on return there was output.

---

Lab 12: BYOD and My Device Portal Pt1

22 mins

Notes:
a) use iseiscool.png logo not gk-logo.png (not available)
b) Tried twice on GK-25
     Delete mac from WLC and try again
c) Had issues with BYOD provisioning
     Delete macs from WLC
     Try again
     No Need to trust the cert from data-srv
d) Wait when registering stolen lost 2 minutes

---

​Lab 12: BYOD and My Device Portal Pt2

50 mins

Step 10.2 in the diagram the ACL has a typo and should NOT read BYOD_PROVISIONONG. The table is correct.

---

Lab 13: Posture & Reports Pt1

57 mins

Notes
a) Keyboard # is \        shift # is |
b) Posture Conditions need patience to be seen wait or refresh
     REFRESH REFRESH
c) In Requirements use black arrow left of Edit to add a new rule
d) Install OLD Version of Avast

---

​Lab 13: Posture & Reports Pt2

41 mins

---

Lab 14: Compliance-Based VPN Access

29 mins

Notes:
a) ASA password is gklabs
b) Logoff remote pc after checking Admin PC and live logs.
There seems to be an issue with timing that is easiest done by re testing on remote PC

---

Lab 15: TACACS+ Device Admin​

43 mins

Notes:
a) The "remove tacacs+ config" in notes is in the wrong folder should read WLC
     ie
     Desktop\ISE\WLC\remove TACACS from WLC.txt
b) Also login to the WLC as it1 from quick connect in Secure CRT
​to delete config. Will not have the priveleges as Admin

---

Lab 16: Additional Guest Scenarios as per the standard course Hotspot etc. See STD SISE course Lab 6:

---

Lab 17: Posture Using Temporal Agent

46 mins

Notes:
a) Login as admin to change the regedit values
b) Install old version of Avast

---

Lab 18:PxGrid Integration with Firepower Pt 1

43 mins

Notes:
a) ​Make sure that you do turn On & Off the VMs not easy to identify from graphic. You have to right click the icon to see the state.
b) Patience required when joining the Grid from ISE GUI
     Refresh Refresh
c) Easy to forget to ENABLE Realm
d) The Cert name is FMC-pxGrid-Cert (Not clear in notes)
e) tick the encrypt box when importing certificate
f) The global Exception rule in ISE is "OR" not AND
g) DONT Forget to Save cert config in FMC

---

Lab 18: PxGrid Integration with Firepower Pt 2

44 mins

---

Lab 19: Trustsec Security Group Access

1 Hour 10 Mins

​Notes:
a) ASA needs PAC Keys manually imported
b) The PAC keys for Switch automatically generated and read by the switch

---

Lab 20: ISE Distributed Deploy Pt1

1 Hour 40 mins

Notes:
a) Need to power on the secondary node
b) ntp server failed on setup
     0.pool.ntp.org
     try 204.11.201.10
     Did not work responded with N to re-install NTP
c) After install NTP daemon not working so "no" it to  delete and add it again.
d) There was a warning when adding the ISE 2 just did it again e) with same credentials
e) It takes time for the services to show not running
f) There was a warning about VM license

---

Lab 20: ISE Distributed Deploy Pt2

25 mins

---

Lab 21: PxGrid Integration Stealthwatch Pt1

1 Hour 33 mins

Notes:
​a) Test clear auth sessions on the L3 switch
b) interface g0/3 authentication order dot1x mab

​Quite a faf to get this working dot1x would not work but managed to prove the point using MAB

---

Lab 21: PxGrid Integration Stealthwatch Pt2

26 mins