Network Access Control

Resolved! ISE 1.3/1.4 - REST API for Active Session

Hello Experts, I am working on an issue where we want to run the below REST API to monitor the active sessions.We followed the documentation and created the 2 users under Administration > System > Admin Access > Administrators > Admin Users "ersadm...

ISE not sending COA-Reauth

Hi All, I am working on ISE. I have 2 authorization profiles. 1st profile is a default profile which will be pushed after the client is 802.1x authenticated. With the help of probes, ISE discovers the client to be a windows-7 client, now after it...

Cisco ISE Config Restore from previous Version

We are wanting to restore an ISE configuration backup from a version 1.2 deployment, to a new deployment on version 1.4. Is there a way to perform the restore without overwriting the IP Address configuration on the new 1.4 nodes?

ACS 5.3 Cumulative Patch failure

I am having problems installing the ACS 5.3.0.40.9 cumulative patch. We were able to install the patch on our secondary instance with no problem at all, however we cannot install it on our Primary instance. I am installing by using the command ...a...

Resolved! Trustsec Egress Policy Color Coding

I have Red, Green and Blue icons in my Egress Matrix. I see that Red appears to be for Deny All. In the Green ones, I have permit/deny acl statements and likewise for the Blue ones. What is the difference of the Green & Blue colors in the matrix?

ISE 1.3 Launch Program Remediation AV Install

I have ISE 1.3 configured to use the ISE Posture Agent in AnyConnect for VPN. CoA is configured on the ASA and is operational. There is a posture configured to check for the installation of Trend. I have created a remediation that allows users to ins...

ISE CWA wired guest portal loop

Hi, Could you please take a look at my problem: I have confiured guest access for both: wired and wireless users. Authentication is done by Cisco ISE, users are connected by Cisco Switch C2960X and Ap3700. Wireless access works correctly: At first u...

SHA-512 Support for Cisco ISE?

Is there any word on when the SHA-512 SA will be supported/available for certificates in Cisco ISE?

Resolved! ISE 1.2 guest user and Morotola wireless controller roaming re-authentication

Hi!SR: 637925639My customer is using ISE 1.2 for wireless guest users. Wireless infrastructure is built on Motorola wireless controller RFS6000 5.7.2 and Motorola 6532 APs.From ISE perspective guest access works fine, however the problem happens when...

Network Access Manager no adapters available

Hello all, I installed Cisco Anyconnect with the NAM module in different PCs in order to sent both, client and machine authentication to an ISE, and everything works fine. But in other corporate PCs, when the installation is finished, there is a mess...

Resolved! How to restrict Internet access using RADIUS server through Catalyst 3560 switch

Dear All, I need a configuration help from anybody. I have a small network of 15 users connected to a 3560, which is in-turn connected to a 2811 ISR router. At interface fastethernet 0/24 of the 3560 switch I am planning to connect a unix based RADI...

ISE 2.0 Kernel Hardening

Hello ISE TeamI have a partner asking about the underlying OS in ISE, and if there is any document(s) talking about the OS for ISE 2.x that I can reference for the hardened linux kernel?Thank you

ACS cluster configuration

AllI have a customer who is running ACS appliances in a cluster and would like to take a phased approach to the effort. Do we anticipate any fallout from and operation or a support perspective if they proceed in that manner? Current ACS OS version an...

Resolved! NAC Agent constantly reauthenticating

I'm having an issues with NAC 4.9.4.3 where it randomly reauthenticates. There are no logs on the switch or within ISE to explain why this occurs. The user appears to remain connected. Has anyone experiences this issue?

Log Collection Error Alarm

Hello All,I have a customer that is receiving the following alarms on ISE 1.3 patch 3:Log collection error: Server=psn1; Log Type=AUPAcceptanceIt appears to be related to a log not being sent after the AUP is accepted. It does not appear to impact f...

Network Access Control

Forum Posts

Resolved! ISE 1.3/1.4 - REST API for Active Session

ISE not sending COA-Reauth

Cisco ISE Config Restore from previous Version

ACS 5.3 Cumulative Patch failure

Resolved! Trustsec Egress Policy Color Coding

ISE 1.3 Launch Program Remediation AV Install

ISE CWA wired guest portal loop

SHA-512 Support for Cisco ISE?

Resolved! ISE 1.2 guest user and Morotola wireless controller roaming re-authentication

Network Access Manager no adapters available

Resolved! How to restrict Internet access using RADIUS server through Catalyst 3560 switch

ISE 2.0 Kernel Hardening

ACS cluster configuration

Resolved! NAC Agent constantly reauthenticating

Log Collection Error Alarm

EAP-TLS Device Certificate for Entra Joined Devices with Intune

Posture assessment report never finishing

NetFlow Probe Profiling – Missing IP and Port in ISE Context Visibili

Default Route SGT

PX Grid Connector and Service NOW

Scenario ISE-Pri dead and promote ISE-Sec to Primary

can no longer ssh into the Primary Admin/Secondary MnT node

NTLM Disabled and ISE-PIC

Impact of Resetting ISE Context Visibility on Endpoint Connectivity

Cisco ISE posture for Wi-Fi is stuck on Action Needed