Network Access Control

Windows 10 presenting MAC address for 802.1x autentication not the userid

We have several windows 10 computer presenting the computers mac address as the user name for 802.1x authentication. The user is logging into the domain with the user id. Has anybody seen this and know how to fix it? We use the Nac Agent 4.9.5.3.

NAM: Windows 8 Machine Auth not working. CSCuc13862

Can anyone tell me whether this workaround exposes any security vulnerabilities such as exposing stored secrets previously encrypted in the registry on a client machine? We have made the modification on a few machines that were experiencing the issu...

ACS 5.6 account disabled after inactivity

im looking for some info on this setting. i cannot seem to find it mentioned in the user guide. i am running ACS 5.6 and want to set a user account to disable after n days of inactivity. is this possible? thanks

Resolved! ISE 2.0 TACACS+ sizing

Dear Colleagues,We have to size ISE for TACACS+. All together 20.000 network devices.The customer is using 4 ACS clusters to handle this load at the moment.Any sizing assistance would be useful.Could anyone who is able to help contact me in unicast, ...

Wired Connection gets Limited or No Connectivity and is NOT Authenticating

Hello All, We just started seeing an issue on People's PCs where the device is unable to get an IP Address for the Wired connection. Or, at least the NAM Module gets stuck on "Acquiring IP Address" before it bombs-out to "Limited or no Connectivity"...

Resolved! TACACS+ & RADIUS versions

Hi, Can anyone point me at the versions of TACACS+ and RADIUS that Cisco ACS 5.8 uses or how to find them on the ACS itself ? I'm being asked by an auditor to provide the versions and the vendor documentation on both protocols. Thanks in advance...

ISE Config & Backup

Team,In the admin guide, there is mention of two types of backup:a. Configuration data – Contains both application-specific and Cisco ADE operating system configuration data.b. Operational Data – Contains monitoring and troubleshooting data –C...

Resolved! One SSID to authenticate AD, LDAP & Guest

Equipment: Cisco ISE 2.1, WLC, APs, AD, LDAP client types: - AD joined users accessing Wireless through AD machines. - AD joined users accessing Wireless through personal machines ( Apple, Android, Windows ..) - Non AD employees accessing wir...

Windows 10 not supported on ISE 2.0 with dual SSID

Hi, When will be this finally fixed? Is there any ETA for this? Windows 10 was released almost one year ago and we still can't successfully deploy Cisco ISE as many of our users are already using this OS. The enrollment process goes fine but then y...

Cisco ISE AV Definition out of date

Setting up posture AV definition check in ISE, i noticed latest revision dates under Policy Elements>condition>AV Compound condition to be couple of weeks old for my symantec end point protection. What cisco uses to get the proper definition update v...

limit usage traffic per user on ISE 2.x

hi how i can limit users usage traffic ? for example user only can use 500MB traffic

ASA Versioning and Commands

Hi guys! I have a few queries regarding Cisco ASA. 1. I came across vulnerability CSCvb19843 which mentions that the First Fixed Release is "9.6(2.1)", whereas the Release Notes for ASA does not talk about 9.6(2.1); it has details only till 9.6(2). ...

TrustSec Enforcement not available

Hi Guys We have WS-C3750X-24P and as per Cisco documentation 3750X supports trustsec enforcement however "cts role-based enforcement" command is not available. Any idea what I am missing ? Switch(config)#cts role-based ? ipv6-copy Enable IPv6 copy ...

Resolved! ISE TACACS+ Time of day policy.

Good Morning team, I have a customer that is looking for ISE TACACS+ Time of day policy that would allow a user to access devices only during specific time ranges? is this going to be on the roadmap ? I know we have time and date policy conditio...

Resolved! SMS notification for Report

Customer wants to know if ISE can send email and SMS notification upon report generation. I could find email notification support but not for SMS. SMS notification is available only for Guest notification but not report purpose. Can someone confirm s...

Network Access Control

Forum Posts

Windows 10 presenting MAC address for 802.1x autentication not the userid

NAM: Windows 8 Machine Auth not working. CSCuc13862

ACS 5.6 account disabled after inactivity

Resolved! ISE 2.0 TACACS+ sizing

Wired Connection gets Limited or No Connectivity and is NOT Authenticating

Resolved! TACACS+ & RADIUS versions

ISE Config & Backup

Resolved! One SSID to authenticate AD, LDAP & Guest

Windows 10 not supported on ISE 2.0 with dual SSID

Cisco ISE AV Definition out of date

limit usage traffic per user on ISE 2.x

ASA Versioning and Commands

TrustSec Enforcement not available

Resolved! ISE TACACS+ Time of day policy.

Resolved! SMS notification for Report

EAP-TLS Device Certificate for Entra Joined Devices with Intune

Posture assessment report never finishing

NetFlow Probe Profiling – Missing IP and Port in ISE Context Visibili

Default Route SGT

PX Grid Connector and Service NOW

ISE Profiling Conflict

Scenario ISE-Pri dead and promote ISE-Sec to Primary

can no longer ssh into the Primary Admin/Secondary MnT node

NTLM Disabled and ISE-PIC

Impact of Resetting ISE Context Visibility on Endpoint Connectivity