Network Access Control

Client requested TLSv1.0 that is not allowed

Hi!I am trying to authenticate a Xerox WorkCentre 7120 printer on Cisco ISE 2.2, using PEAP-MSCHAPv2. The printer cannot authenticate due to the following error: 12986 Client requested TLSv1.0 that is not allowed. Digging more into the error message...

ISE PassiveID Agent credentials

When configuring ISE-PIC Active Directory Agents on my ISE server, I have two options: 1. I can tell it to either "Deploy New Agent", which will automatically push and install the agent software to the target server. 2. I can "Register Existing Age...

Cisco ISE Password encryption scheme on CSV export

Cisco ISE has the option to export the local user accounts to a CSV file. Passwords in that file are encrypted with a password which is entered upon export.Now I want to create my own import files, but these need to contain the encrypted passwords (p...

Resolved! ISE Sponsor REST API for Guest User Creation

Hello,I am curious if any of you have used the ISE Guest Sponsor REST API to generate users from an external database? I have a customer that would like to generate internal users based on patient registration (i.e. Patient checks in to hospital, a g...

Resolved! ISE-PIC passive identity from Novell eDirectory

Does ISE-PIC have integration with Novell eDirectory ?

Resolved! Integration issues between ISE and Steathwatch via PxGrid

Hi team, how are you doing?I am in the middle of a PoV at customer premises for a VERY, VERY important deal - 900 x Cat3650 switches in the first phase for 14000 total switches.Trying to integrate ISE and StealthWatch via PxGrid, but it is not workin...

Resolved! scale information about ISE2.2

Q1. Max number of Endpoint identity groups we can configure.customer needs 200 endpoint identity groups.Q2. Max number of Authorization profiles we can configure.customer needs 400 Authorization profiles.

Resolved! [ISE2.2] Originating Policy Services Node behavior

I'm testing "Originating Policy Services Node" setting with ISE2.2 distributed topology.With some best practice guidance, I changed the setting from "Auto" to nearest PSN on the setting. It works as expected first. But it the PSN goes offline, SNMP ...

Resolved! ISE reporting questions

Greetings, customer is looking for the following information from ISE, working with the partner we came up with the text in red. Can you confirm we've vetted out all the possibilities? There may be other software (like Prime or a syslog server) which...

Resolved! Validity of self-signed certificate

We have a customer how wants to use self-signed certificate for pxGrid integration. The self signed certificate is valid for only 1 year.Is there a way we can re-issue self signed certificate to increase the validity of the certificate ?Also is self-...

Resolved! ACS TACACS 2 factor authentication

Can we do 2 factor authentication for TACACS authentication using ACS? If I have ACS integrated with Symantec VIP to do 2 factor auth for remote access vpn connections, can I enable same 2 factor authentication to authenticate my SSH sessions to ASA...

Error message when onboarding on iOS

Hi ISE expertsI was wondering if anyone has experienced the following , it's not really an issue but it's not a good sight to see for the end-user. When performing the BYOD on-boarding on an iOS device, half-way through the supplicant provisioning s...

Resolved! Guest CWA on Aruba Wireless controller

Team,Could you please help me with link to download 'how to guide for Guest CWA with Aruaba on ISE 2.0.1,. I did find some links but all documents are using Aruba iAP for demonstrating the use case. Options and settings are different in Aruba AP and ...

Random Users in Wired 802.1X with Machine and User Authentication using EAP-TLS

Hello everyone, After testing Wired 802.1X with Machine and User Authentication using EAP-TLS the customer is not satisfied with the results again. Even though it was explained before that certificates must be deployed prior to the implementation of ...

Cisco Secure ACS and Active Directory

Good afternoon, we are running an ACS server which we use for RADIUS authentication of wireless clients and remote access VPN clients. We have machine authentication turned ON to ensure only computers that are part of our Active Directory can connec...

Network Access Control

Forum Posts

Client requested TLSv1.0 that is not allowed

ISE PassiveID Agent credentials

Cisco ISE Password encryption scheme on CSV export

Resolved! ISE Sponsor REST API for Guest User Creation

Resolved! ISE-PIC passive identity from Novell eDirectory

Resolved! Integration issues between ISE and Steathwatch via PxGrid

Resolved! scale information about ISE2.2

Resolved! [ISE2.2] Originating Policy Services Node behavior

Resolved! ISE reporting questions

Resolved! Validity of self-signed certificate

Resolved! ACS TACACS 2 factor authentication

Error message when onboarding on iOS

Resolved! Guest CWA on Aruba Wireless controller

Random Users in Wired 802.1X with Machine and User Authentication using EAP-TLS

Cisco Secure ACS and Active Directory

Warning : ISE is experiencing latency issues, please check your networ

PassiveID problems

CSCwp21394 - wired nads failing CTS with error

CSCvv82262 - ISE 3.3 menu missing

ISE Machine / User Authentication Questions

TACACS+ Authentication Succeeds on ISE but Fails on Switch

ISE Posture State Synchronization - Real World Feedback

Cisco Guest Portal is not working when Internet is not working

ISE Patch Question

Post 3.4, Patch 4, replication stop with PAN and CLI failed to connect