Quick Reference

# Generate key
openssl genrsa -aes256 -out workstation.key 4096

# Create CSR
openssl req -new -key workstation.key -out workstation.csr

# Verify certificate
openssl x509 -in workstation.pem -noout -text

# Check chain
openssl verify -CAfile ca.pem workstation.pem

# Check status
sudo wpa_cli -i enp0s31f6 status

# Force reauthentication
sudo wpa_cli -i enp0s31f6 logoff && sudo wpa_cli -i enp0s31f6 logon

# View logs
sudo journalctl -u wpa_supplicant-wired@enp0s31f6 -f

# Check session
netapi ise mnt session C8:5B:76:C6:59:62

# View all sessions
netapi ise mnt sessions

# Check posture
netapi ise mnt session <MAC> | jq '.posture_status'

# View session
netapi ios exec "show access-session interface gi1/0/2 details"

# Bounce port
netapi ios bounce Gi1/0/2

# View ACLs
netapi ios exec "show ip access-lists"