Network Access Control

Cisco Access Control Server (ACS), Identity Services Engine (ISE), Zero Trust Workplace
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

Labels

Forum Posts

Hello, Currently, I use LDAP for authentication to AD on Cisco C3650 but its not working. This is my configuration: aaa group server ldap [ommited] server 192.168.1.50ldap attribute-map MAP-LDAP map type sAMAccountName usernameldap server 192.168.1....

Hello all, Just 2 quick questions; 1. Can ISE be configured to push "VPN Group Policy" to a user as part of its authorization profile? If Yes, what attirbute is used for this? 2. Can ISE override the local group policy parameters via its authoriza...

Hi gurus, has anyone implemented radius communication across NAT that translates the IP address of the radius client with one to one static translation? In this scenario, Cisco Wireless LAN controllers are the clients of radius services that is pro...

Just to check, we currently have a customer running standalone ISE version 1.2 There are plans to: 1. Propose a redundant unit 2. Upgrade ISE 1.2 to latest 2.1 Questions: 1. Understand that the upgrade path is lengthy. Any suggestions to achieve ...

mpeeters by Cisco Employee
  • 511 Views
  • 3 replies
  • 0 Helpful votes

We have a customer that is asking if port TCP 464 “KPASS” is required to be opened between the ISE and AD. If yes, what is the exact purpose of opening this port and is it required during the authentication phase ?

saghisha by Cisco Employee
  • 2984 Views
  • 3 replies
  • 1 Helpful votes

Resolved! Avaya and EAP-MD5

OK, We are using ISE 2.1 for wireless and are investigating it for wired. All is fine until we tried an Avaya phone.The phones use EAP-MD5 to pass credentialISE works fine with it, but I get this error and it skips checking AD.22043Current Identity S...