Network Access Control

Hello, Here is our scenario that are are attempting to accomplish. We currently have a Guest Portal set up for AD authentication that stores a users MAC address in an Endpoint Group that stores it for 365 days. The policies will allow anyone on to t...

Hi I have ISE 2.0 and I am trying to create a auth rule to allow access to a certain SSID if the AUP was accepted less than 3 hours ago. However when I try and create the rule with the condition ENDPONT:LASTAUPACCEPT LESS 3 - I get the error 'Could ...

Hello, We are trying to implement LDAP authentication for our Cisco ASA 5520 for management access. Currently we have configured local user accounts for the ASA admins. But we want to authenticate them with their AD account. We have a LDAP group crea...

We would like to know what version of ACS and ISE can handle multiple domain?

Hi, We have a ACS cluster which send mails when we have an alarm. We also have configured to send mails when backups are done. We realised that the mails are not being sent so we restarted view-alertmanager job and the mails were sent again but toda...

Hi, I am trying to bring up a new ISE 2.1 server with AnyConnect 4.3 as the 802.1x supplicant. I have a MacBook with the 4.3 client and policies are in place on the new server. Does anyone know where this message comes from - Your network is configur...

Hi, I am trying to bring up a new ISE 2.1 server with AnyConnect 4.3 as the 802.1x supplicant. I have a MacBook with the 4.3 client and policies are in place on the new server. Does anyone know where this message comes from - Your network is configur...

Hello everybody,I'm implementing a NAC solution based on Cisco ISE. Unfortunately, I'm facing a problem related to the CoA (Change of Authorization).The guest can authenticate successfully via portal and then he is redirected to the page of client pr...

Hi Guys, I have an ISE 2.0.0.306 with pach 3 running. I’m trying to import a long list of endpoints into a group that I have created under Endpoint Identity Groups. But the problem is that the “Endpoint Identity Group” is not imported. I have created...

Hi All, I'm about to move from Monitor Mode to Secure/Closed mode (ISE 2.0) and will be using a variant of the default Cisco ISE Access Point policy to authenticate 1000+ Cisco Access Points. However I have noticed that about 10% of the AP's have onl...

Hello, Does anyone know what type of encryption is used by ACS 5.8 TACACS when not using the FIPS 140-2 module?  I read that the packets are encrypted, but I didn't find what encryption method is used. Thanks for your help.

We have an old CIsco ACS version 4.2 running on a Win2003 server. I have a small window to get pricing for an upgrade due to grant money available. I was looking at ISE but costs and time sent me to SACS with the possibility of going to ISE in the fu...