Network Access Control

How do I defend against "clickjacking" attacks regarding ACS 5.3.40 ?

Hi, It has been suggested that our current configuration of ACS 5.3.40 could be prone to Clickjacking attacksRegarding the GUI the ACS needs to be configured to respond to X-Frame Options HTTP header to instruct the browser not to load the applicati...

AAA using Radius with 802.1x

Hello there, We're going to be implementing 802.1x on our network of some reaallly old switches (6509 Cat OS with MSFC 2). We use radius for AAA authentication and I've been reading that .1x uses radius. How is that going to work? Do I just add a...

Resolved! Difference between ISE and NAC?

Dear All, Can you please help to understand difference ISE and NAC? Thank You,Abhisar.

5.3 unable to configure ACCESS POLICIES

Hi guysi'm configuring ACS 5.3 but i can't configure access policies.below some print captures.someone can explain me where is the problem?thank's in advance for your help

Resolved! ISE1.2 MAC registration after LDAP web-auth

Have a situation where we want to just do a simple one time registration of the MAC address after a person successfully authenticates web-auth using LDAP. It's very similar to guest authentication, but I'm not sure how to customize the another porta...

Ise local admin ( CLI )

hello all,i have 2 version of ISE installed, one is the NFR one. Both setup are at the same release except for the patch levelon the NFR, i can do: username eric passord remote role adminthe possibility is not available on the other ISE setup. Ther...

Different Suffix for active directory name

Hi There, I have got ISE 1.2 integrated to Active Directory/LDAP Can I use same active directory user for different purpose E.g. on Guest Sponsor portal When users logs with username@byod they get to create byod guest account (Activated Guest) valid...

“No Internet Access” however there is !!!

In ISE deployment, we are facing a problem related to end users systems.The users get authenticated and authorized perfectly according to the configured policy, but there is exclamation mark on Network connection.Which indicate “No Internet Access”Do...

virtual http Error: 501 Not Implemented

after virtual http authenticated successfully,the explorer prompt:Error: 501 Not Implemented.when i show uauth,i can see the successful information: Current Most SeenAuthenticated Users 1 1Authen In Progress ...

ASA CX Active Authentication

configure identity policies to require active authentication,but no login form display, why? 1Define realm which contain one AD 2Define identity policy 3Define identity policy object 4Define access policy,specify Identity policy objects as part of...

ISE 1.2 Guest Portal Profiling Certainty Factor not Increase

Hi I have configure ISE 1.2 Guest Portal and check for profiling which device login but I found that endpoint profile not match after user succesful authenticateProfiling Configure and Endpoint Detail in attachment below

Resolved! aaa radius server control privilege level

I've got radius authentication working on my switch, but I'm trying to allow two types of users login using Windows Active Directory. NetworkUsers who can view configuration and NetworkAdmins who can do anything. I would like for NetworkAdmins to whe...

cisco ise profiling -lldp med information

Hi AllWe got few IP phones which uses lldp MED information to sent its system descriptions, type etc to the switch. These lldp med information can be seen in the Cisco switch, but when ISE does profiling using the snmpquery probe for these endpoints ...

CISCO NAC AGENT LOG ISSUES

Dear Community member,What can be made out of this issues? I have attached the screen shot.You comments are welcome and appreciated.Regards,

Resolved! ACS 1121 (5.4) Username Prefix/Suffix Stripping

Hi.Is it possible to strip the suffix from a username to authenticate against an active directory in ACS 5.4? I can find this when using an external proxy service, but not for network access.Thanks.

Network Access Control

Forum Posts

How do I defend against "clickjacking" attacks regarding ACS 5.3.40 ?

AAA using Radius with 802.1x

Resolved! Difference between ISE and NAC?

5.3 unable to configure ACCESS POLICIES

Resolved! ISE1.2 MAC registration after LDAP web-auth

Ise local admin ( CLI )

Different Suffix for active directory name

“No Internet Access” however there is !!!

virtual http Error: 501 Not Implemented

ASA CX Active Authentication

ISE 1.2 Guest Portal Profiling Certainty Factor not Increase

Resolved! aaa radius server control privilege level

cisco ise profiling -lldp med information

CISCO NAC AGENT LOG ISSUES

Resolved! ACS 1121 (5.4) Username Prefix/Suffix Stripping

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

meaning of ISE patch condition

Effectiveness and performance impact of enabling MUD in ISE

Incorrect Device Registration & Compliance Query from Intune

Cisco ISE SAML Logout - Users Stay Logged into Azure AD

Hotspot Portal Not Assigning Endpoint to the Configured Identity Group

Cisco ISE VM memory increase

dot1x max-reauth-req

Using script for Guest Access splash page

cisco ISE 3.0 license

Lose connection between access switch and ISE servers