07-17-2018 06:05 PM - edited 02-21-2020 11:01 AM
We need your help to convince Cisco to resolve a defect. Please get on-board!
We are trying to integrate UserID function between Cisco ISE 2.x and Palo Alto Networks Firewalls. A Cisco ISE defect is causing a double backslash between domain and userID in the syslog output
We need you to add your company to the defect listed below so Cisco knows that multiple people are (or will be) impacted.
Cisco have now acknowledged this defect but are refusing to prioritize a fix. Cisco allege we are the only organization impacted. If multiple people are impacted Cisco will provide a fix.
Please let Cisco know you are impacted and help us pressure Cisco to provide a fix.
Defect Details
CSCvk09565 ISE 2.x onwards RFC 3164 is not being followed completely
Symptom
Syslog messages are sent with double slash in the username field.
Characters which are escaped with double slash are ,;{}\
Conditions
ISE 2.x version
Workaround
None
Further Problem Description
Below characters are escaped as of now
,;{}\
No Character should be escaped as per RFC 3164 which ISE follows.
Solved! Go to Solution.
02-22-2021 05:56 AM - edited 02-22-2021 06:20 AM
Yes you are right it is written in the release note but I think it is not solved.
I just did a capture of the UDP traffic after an authentication on the ISE portal and I have "\\" between the domain and the username for UserName= and GuestUserName=
02-22-2021 06:33 AM
Hi @Krups
please open a TAC case for that, if it was fixed in version 2.6 it should have been fixed in version 2.7 P2 !!!
Best regards.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide