Network Access Control

ISE Posture status issue

Hi Team,We are in a middle of PoV with ISE 2.1 and facing a strange issue wherein the compliance status shows OK in the logs but at the client end the Anyconnect agent shows as unknown policy. The agent version used is 4.3 for anyconnect module and 3...

Resolved! Sponsor approval mail inconsistent behaviour

Hi Team,We are in a middle of a PoV wherein the sponsor based guest management is showing inconsistent behavior wherein the mail is received by the sponsor with the approval link but the same is not clickable from the mail body but shows as a normal ...

Cisco ISE OVA

I just downloaded the .OVA for the Cisco ISE virtual appliance for VMWare, v2.2. After I import the OVA then power it on, my HA cluster resources goes from 3 hosts reserve capacity to 0 hosts reserve and I get an alert stating insufficient resources...

Resolved! ISE API: Can I create Identity group with Restful?

We have a API integration requirement, but we found that there is no method to create identity group with Restful API. Is here have a way to create identity group without GUI? : ) Thank you very much!

High authentication latency

Dear Guru's, Since yesterday we are encountering "high authentication latency" errors on one of our 3 PSN's. Our system is already up/running for 3months, so the latency can't be explained by increased AAA traffic. Suddenly CPU was at 40%, memory at ...

Resolved! ISE Guest Portal phone number modification

Dear experts,Do we have any possibility to change the phone number variable before send it to SMS gateway?For example, we have to ask end users to input their phone number in format 8XXXXXXXXXX, but our SMS provider expects from us phone number in fo...

Resolved! ISE 2.1 BYOD Configuration

Dear Folks,I am configuring the BYOD for my POC and I am using the SSID for my Guest Access, but there is a conflict whenever I access the GUEST SSID, it's all pointing to the BYOD Policy and I cannot connect anymore to the previously working GUEST S...

PSN load balancing - Anycast

On Virtual ISE nodes / PSN, is it possible to configure secondary Interface with an address? I read how to do this on physical box, but no info if it is the same for Virtual. Is it just a case of adding 2nd NIC on the VM and placing in relevant netwo...

Resolved! Anyconnect support for Win10 enterprise-evaluation

Hello. I've faced the problem using anyconnect 4.4 during posture process. When windows 10 Professional is used, there is no issues, but when Enterprise-Evaluation is used error message "Couldn't connect to this server" pops up(similar thing also ha...

Resolved! ISE Endpoint Classification page - Endpoint Types vs Logical Profiles vs Endpoint Profiles

Hello,In ISE 2.1 (patch1) when looking at the endpoint classification page we are able to see the endpoints classification based on their endpoint type or endpoint profile. (column Endpoint Type)I was assuming that the endpoint type would be directly...

Assign static IP Address to user

Hello,How can we assign to an authorized user a specific IP address.The concept is that is a unique user that is not always in house, so in order to avoid to create another dhcp pool on the DC only for him i prefer ISE to push him an IP address when...

Resolved! Assign static IP address to ASA VPN clients by ISE

We are going to integrate ASA remote access VPN service with a new ISE 1.2.The authentication is done against Active directory. After the authentication, can static IP address be assigned to a specific VPN user by ISE?That means the same VPN user wil...

Resolved! TC-NAC on more than one PSN?

Understand per the ISE Admin guides, that we can enable TC-NAC on only 1 node at a time. What is the plan to allow enabling on more than one node to support HA environments? Or is my understanding of how TCN works not supportive of HA? Design Guid...

Max # of posture requirements in one policy

Hi all,within one posture rule it is possible to configure multiple requirements the client has to fulfil to be considered compliant. My customer is asking if there's a maximum number of posture requirements that can be ocnfigured in one rule?Thanks ...

ISE CoA configuration

I am testing CoA capabilities for a Ruckus SCG (smart cell gatway) controller and I need to include the user-name attribute in the disconnect message, I have included the user-name attribute under the CoA disconnect configuration but looking at the p...

Network Access Control

Forum Posts

ISE Posture status issue

Resolved! Sponsor approval mail inconsistent behaviour

Cisco ISE OVA

Resolved! ISE API: Can I create Identity group with Restful?

High authentication latency

Resolved! ISE Guest Portal phone number modification

Resolved! ISE 2.1 BYOD Configuration

PSN load balancing - Anycast

Resolved! Anyconnect support for Win10 enterprise-evaluation

Resolved! ISE Endpoint Classification page - Endpoint Types vs Logical Profiles vs Endpoint Profiles

Assign static IP Address to user

Resolved! Assign static IP address to ASA VPN clients by ISE

Resolved! TC-NAC on more than one PSN?

Max # of posture requirements in one policy

ISE CoA configuration

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Internal user in ISE with domain password policy

Cisco ISE Posture with WLC 9800 in FlexConnect Mode - SGT Issue with F

Posture Assessment by Condition Report Filter Issue

ISE problem with MFA

How to setup TACACS+ single-connect properly and safely

Certificate Authentication Profile

Cisco ISE - Move policy nodes to Admin/monitoring node

Log messages about Network Device Group changes

Rename ISE PANs

Status Notification for ISE Scheduled Backup