Network Access Control

Explicit EAP failure

Hi Team,We are facing an issue on some of our endpoints where the Windows Event Viewer shows an explicit eap failure message, and the network adapter gets suspended for 600 seconds. On Cisco ISE, we are also observing a duplicate session found messa...

802.1x with native windows supplicant.

I'm lokking 802.1x protocol that use native windows supplicant and based on Entra ID, previously i try using EAP-TTLS but now work. Open case to microsoft then they said that EAP-TTLS is not supported by windows 11 and must use 3rd praty supplicant i...

Cisco ISE authentication via certificate and authorization via Azure

Hi All,I'm configuring Cisco ISE policy sets according to this document:https://community.cisco.com/t5/security-knowledge-base/cisco-ise-with-microsoft-active-directory-entra-id-and-intune/ta-p/4763635/show-comments/trueIn that document when authenti...

ISE-PIC not receiving active sessions — only 5–6 users every few hours

Hi Dears, I am facing an issue with Cisco ISE-PIC not receiving active user sessions as expected — I only see around 5 or 6 users every two or three hours. Environment details: ISE-PIC Version: 3.4 (Patch 3 installed and licensed) Setup: Two ISE-...

Database Server not-running Cisco ISE

Dear Cisco ISE lover, Recently we were testing lab to re-issue related to Cisco ISE "Database Server not-running",while on user on Secure client UI "Posture Failed due to server issues"We configure the Distributed Deployment 2 nodes PAN and SAN. ISE ...

Resolved! CIsco ISE 802.1x EAP-TLS authentication with Entra ID

Our customer exisitng environment all PC join to entra id and no any infra in on-premise Now. they would like to implement new Wi-FI with kind of this solutions but it's look like very new for us and less experience Therefore, may I asking in this co...

Dynamic voice VLAN assignment when different phone systems are in play

First, understand I have no control over the different types of phones systems. This is a very large enterprise that is a child of an even larger enterprise (50K plus users). The parent organization uses a Cisco phone system while the child organiz...

radius server marking dead on NAD

Hi,In our deployment in the switch the radius server is marking dead for sometimes in some switches but actually the radius server is alive and we checked the test connectivity using the test command and this is also fine and we checked the cpu,memor...

Cisc ISE Virtual appliance

Hi community, we have noticed today Cisco does not support service contract on this virtual appliance R-ISE-VMM-K9=. We would like to know if cisco has announced a replacement model or we need to switch to physical appliance. Thanks.

ISE upgrade 3.3 to 3.4 any problem

anybody have problems upgrading ISE upgrade 3.3 to 3.4 any problem

I have a question regarding the deployment of the ISE-PIC agent. Is it

Hi Dears, I have a question regarding the deployment of the ISE-PIC agent.Is it possible (and supported) to install the ISE-PIC agent on an intermediate Windows Server instead of directly on the Domain Controllers? If yes, can the communication betwe...

Resolved! ISE 802.1x PEAP-EAP-TLS Auth with Entra ID ISE 3.5 Availability

We have recently Migrated from EAP-TLS to PEAP-EAP-TLS against Ad and Entra, AD side works awesome, but I know availability to be able to pull device/ user groups from Microsoft Entra is included in ISE 3.5. We have been patiently waiting, but was wo...

Supplicant stopped responding to ISE

Anyone know how to fix error 'Supplicant stopped responding to ISE'? I try to increase 802.1x timer but not helping. When we use EAP-TTLS is mandatory that ISE certificate should be apply in the endpoint? Event 5411 Supplicant stopped responding...

ISE Sizing

Hello If I want to send sizing sheet to be fill by customer to collect the data and choose the best model of ISE, like NO. of endpoints, PCs, Dummy device, what else?

Resolved! ciaco ISE 2.7 to 3.1 but it's using internal CA for authentication

hello people I have a Cisco ISE 2.7 and want to upgraded to 3.1 and then to the recommended release, but the thing is it's using its own CA for the authentication so doy you have any recommendations for this procedure? I wanted to do a full upgrade, ...

Network Access Control

Forum Posts

Explicit EAP failure

802.1x with native windows supplicant.

Cisco ISE authentication via certificate and authorization via Azure

ISE-PIC not receiving active sessions — only 5–6 users every few hours

Database Server not-running Cisco ISE

Resolved! CIsco ISE 802.1x EAP-TLS authentication with Entra ID

Dynamic voice VLAN assignment when different phone systems are in play

radius server marking dead on NAD

Cisc ISE Virtual appliance

ISE upgrade 3.3 to 3.4 any problem

I have a question regarding the deployment of the ISE-PIC agent. Is it

Resolved! ISE 802.1x PEAP-EAP-TLS Auth with Entra ID ISE 3.5 Availability

Supplicant stopped responding to ISE

ISE Sizing

Resolved! ciaco ISE 2.7 to 3.1 but it's using internal CA for authentication

I have a question regarding the deployment of the ISE-PIC agent. Is it

Necesito configurar un portal de invitados "hibrido" en ISE 2.7

ISE Accept certificates without validating purpose will break 802.1AR

Cisco ISE JSON SMS

Occasional delay in assigning ISE SGTs to client traffic on NAD

CSCwq14246 - ISE internal disk check - ISE VM read/write issues

Cisco Catalyst 1300 and Dynamic VLAN

ciaco ISE 2.7 to 3.1 but it's using internal CA for authentication

Domain-joined computer and MAB

Cisco ISE - Is it possible to send AD Group in RADIUS access accept?