Network Access Control

ACS 5.5.0.46.6 and NEAT Problems

Hi,We´re using a lot of NEAT-Switches. They all configured with the same username and password.Sometimes when we connect a new one, an other one, already working fine, looses connectivity. Both switches are connected to WS-C3750-48TS-E (Stack). IOS =...

ACS 5.4 to ISE 1.2 migration

Hi,does somebody have an idea how to migrate users from ACS 5.4 to ISE?I tried with migtool, but it's telling me that migration from ACS 5.4 is not supported.However if I install older ACS 5.1 and restore a backup from ACS 5.4 then it fail because it...

Cisco Secure ACS authentication problems after 3750 switch stack reboot.

We are running version 5.2.0.26.4 of Cisco Secure ACS. We are using it to control access to our wired network and only allow our Cisco phones and our domain computers on the network. We use MAB for the phones and dot1x for the PC's. The system works ...

ISE integration with XenMobile

We are trying to leverage XenMobile with ISE and have it added and it Test successfully. Devices have already been enrolled into MDM, we are wanting to query the MDM to determine if the device is Registered, JailBroke, etc to determine access. In t...

Cisco Prime Radius Users

I have a Cisco Prime server (version 2.0) and an ACS server (5.6)I am using the ACS server to authenticate my users, via TacacsI have some of my users being authenticated as Lobby AmbassadorsI have used the bulk import to create a shell profile and t...

Captive Portal - Password

Hi ,I want to understand the scenario of Access point Authentication and LAN Authentication. I am able access internet & intranet, by providing my credentials of captive portal on AP - SSID.Then, at the same time when i plug-in the LAN Cable , and ...

Resolved! ISE 1.3 Disallow authentication to network based on group

ISE 1.3MS AD 2008R2Two Groups: All Employees , All StudentsProblem: Students connecting to the employee networkI have two wireless networks STUDENTS and EMPLOYEES. In ISE I have two authorization policies for these networks. In a prior effort to keep...

Unsupported Browser on iPhone / iPad with ISE 1.3

I'm playing around with ISE 1.3 and the self provisioning flow. I'm able to provision a Windows client, but an iPhone or iPad with IOS 7.1.2 gives me an "unsupported browser" error when I try to sign on. I have an IOS client provisioning profile se...

router 2921 aaa post authorization status = error

Hello,i have an ACS 5.4 in use. The used Authentication Protocols are TACACS.When i want to authenticate a normal router 2921 with Mac-Address,i try to configure a router 2921 on ACS5.4 to authorize ACS internal user,but the autehntication reject th...

VG202XM as dot1x supplicant

Hello Community,i have some troubles about my VG202XM as dot1x supplicant. I have found some informations to configure a normal router as a dot1x supplicant. But this commands are not work.The tested way was:enconf tdot1x credentials testusername tes...

Windows EAP-TLS with machine cert only?

Hey all. Seems like this should be an easy question, but after doing some reading, I'm still a little confused.Can I authenticate a windows computer against ISE using EAP-TLS with a computer-only certificate and stay authorized when the user logs in?...

ISE 1.3 - internal CA for EAP client

Hi Experts, Could you please give me the right way and step to configure ISE 1.3 built in CA for EAP client auth. I'm trying to complete my dual SSIDs procedure. My configure may has some missing config on Certificate section. That make client can no...

configuring ise

hi,I have configured ise and redirection is working fine but I an having a challenge separating guest traffic from corporate traffic.I have attached a summary of my scenerio.

Resolved! Upgraded 5.4 ACS VM has space issue warnings

Upgraded to 5.4 last night and ran into several warnings concerning storage space. Here is specific message: warning:[acsDiskSizeCheckUtil.sh] Patch of size 1079 M exceeds the allowed quota of 1000 M. This will not prohibit patch installation proces...

Cisco ISE NTP MD5 hash is 20-Bytes?

When attempting to configure an NTP authentication-key in the Cisco ISE CLI I noticed that it will not accept an md5 hash of 32 characters (16 bytes). Instead it is expecting a 40 character (20 bytes) hash. That is in line with a SHA-1 hash, not an M...

Network Access Control

Forum Posts

ACS 5.5.0.46.6 and NEAT Problems

ACS 5.4 to ISE 1.2 migration

Cisco Secure ACS authentication problems after 3750 switch stack reboot.

ISE integration with XenMobile

Cisco Prime Radius Users

Captive Portal - Password

Resolved! ISE 1.3 Disallow authentication to network based on group

Unsupported Browser on iPhone / iPad with ISE 1.3

router 2921 aaa post authorization status = error

VG202XM as dot1x supplicant

Windows EAP-TLS with machine cert only?

ISE 1.3 - internal CA for EAP client

configuring ise

Resolved! Upgraded 5.4 ACS VM has space issue warnings

Cisco ISE NTP MD5 hash is 20-Bytes?

Get ready! Great things are coming to Cisco Community

New name, same great product: Cisco Spaces

Congratulations to the July 2022 Spotlight Award winners!

Tenable ISE Integration

Can AnyConnect ISE posture popup action be changed?

ISE 3.0 Agentless Posture issue

ISE 3.0 Guest Portal HTML Jump Marks

ISE SNMPv3 deleting username design flaw

ISE WLC - Assign interface to client

Kerberos SSO for ISE Sponsor Portal

Cisco ISE API's for CoA

CISCO ISE NAD API export for scheduled nackup

ISE Guest portal redirect