Network Access Control

Hi,I'm configuring the Web Security and ISE posture modules for anyconnect 4.x.I cannot find any documentation stating what the xml files should be called, and where they should be located. Any help is appreciated.Stuart

Hi,We are putting new LAN in our 10 new sites and planning to authenticate all our network devices ( router, switches, AP, laptop and desktop).We also need AAA ( TACACS or Radius) access for network devices.Do we need separate ACS for this purposes t...

As per above, the DNS needs to be updated as the old ones has been decommissioned.Will there be any impact if we update the "ip name-server" entries for ISE running on VM (ISE-VM-K9)Concerned about license rehosting or  other major impacts. Thanks in...

Hello,        I need to know how Cisco ISE acts when license expired (advanced license) , knowing that we are using posture policy? Thanks

Hello guys,I already have a ISE implemented in distributed mode and would like to create a new set of VMs on a new data center, making the new data center the Admin/Monitor primary leaving the old data center as Admin/Monitor secondary. Will I need t...

Is there a way to reset the ise web admin or get in again if the certificate expired from public ca?  Once we get in we can do new csr to correct it but we can not get web admin login now. In all web browsers we get secure connection failed an error ...

Hi all,I have an issue where clients use their Android device to associate to the Guest WLAN, when they open up their browser and type in a secure website (any secure website with HTTPS), they get a "site's security certificate is not trusted". Only ...

Hello.I have a ongoing project configuring a cisco wlan with 802.1x, where microsoft network policy server is used for radius authentication.Configuring the SSID on the WLC, and the 802.1x on wlc/radius server works fine, users type in their username...

I am trying to generate a CSR but getting this error: Internal error. Ask your ISE administrator to check the logs for more details.  is this bug related : CSCut97526Could anyone help on this issue ? Regards

Hi All,I have two VMs running - ACS Version : 5.6.0.22.I have one primary and one secondary. I need to amend the secondary server IP address but not sure on the best way to do this? Is there a certain procedure to follow? The primary will stay the sa...

I have a question about Cisco ISE and Certs.  Let's say I am using ISE and 802.1x and certs.  If a hacker or unauthorized user was able to spoof the MAC of an authorized machine, and was also able to transfer the ISE cert from the authorized machine ...

HelloI'm looking at setting up ISE 1.4 in a distributed deployment. There are 5 appliances in the deployment:3x SNS-3415-K9 (psn persona)2x SNS-3495-K9 (pan and mnt personas)In line with the ISE 1.4 Administrator's Guide, the 3 psn's will be in a nod...

Dear All,please I want to check if PC installed for example kaspersky verion 6 or kaspersky verion 10, I want to make this condition, in case any PC installed version 6 will be compliant or version 10 will be compliant too, I knew how can I make chec...

Dear All.We are having acs 4.2 which is now being migrated to 5.6. When we configure policies, we need to have multiple device groups with the different privilege level.Like Shell profile 1--> NDG1 = Priv15 , NDG2 = Priv 7 etc How to write this in AC...

I have customer whom recently upgraded from Cisco ISE 1.2 to 1.3.I am looking at the installed licensing and it is showing that the base license has an expiration date.  This seems to imply that it is not perpetual as I currently understand should be...