Network Access Control

SSH Weak MAC algorithms

Hi All,we are running security assessment on Cisco ISE 1.2.1 using nessus software, and we found out that is a SSH weak MAC algorithms detect, how can we disable md5, md5-96, sha1-96. we have also enable "service sshd key-exchange-algorithm diffie-h...

Resolved! IP Address Renew not working

We are configuring guest access through wired network. We can sucessfully logon guest users, but it never gets the IP address assigned on guest vlan. Monitoring the switch we can see the COA assigning guest vlan to the user port. If I renew the ip ad...

Radius and local authentication

I am in the process of configuring RADIUS authentication on our network devices. But I also use SolarWinds network configuration manager to manage\back up the device configurations. I would like to use Radius for when someone needs to access the net...

Resolved! Logical Profiles in ISE 1.2.1

I´m having trouble understanding the Logical Profiles. What I understand from the user guide: http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/user_guide/ise_user_guide/ise_prof_pol.html#58510for those to lazy to read: You can use the logical pr...

Cisco ISE Disabled authentication in portal guest

Hi, dear.. How to disabled autentication in portal guest to ends users ? It is possible ?we have customers who have laptop with GPOs, allowing not show my guest portal to ends users. I am talking in about having end users not have to go through the p...

Java versions supported by Cisco ACS 5.5.0.46 build id B723

Hi, We are being advised that Java will be upgraded to the latest version on our virtual machines for security reasons.What is the latest level of Java supported by Cisco ACS 5.5.0.46 build id B723 ? A general web search / 5.5 release notes pdf is no...

Cisco Prime Infrastructure 2.1 ESXi 5.5 support?

We are currently in a deployment of CPI 2.1 with a current ESXi 5.5 infrastructure. I cannot find any related documentation on the compatibility of this support. We also have ACS 5.5 to build on this as well.Has anyone had any success building eith...

Resolved! AAA authorization commands

Hi AllProbably i am going to ask a stupid question but i am really confused regarding the purpose of "aaa authorization commands x default local" command. I understand that if this command is configured, it authorizes each and every command of that l...

acs upgrade

I need to upgrade our existing ACS from 5.1 to 5.3. We have two ACS servers but one failed and was rebuilt by a 3rd party supplier but upgraded it to 5.3 hence the requirement for the upgradeFrom reading it seems you carry out the upgrade via the re...

ACS 5.4 user details

Hello, I have just install ACS 5.4 on VMware, during the installation I created a username (admin) with a password, now after installation is finished, I can use that Username & Pass in the CLI of my ACS config, but when I access and open...

Resolved! Cisco ISE license file

I would like to backup the license file to apply for a fresh installation on the same hardware (3355). Is that possible? I tried resetting the configuration from the CLI and the license was excluded, it was necessary to do a restore.

Resolved! ISE - enabling CRL breaks all our certificate authentication

Dear All,we have a strange issue with ISE 1.2(899).Some of our clients ( PC's, printers, IP phones ) are using certificates to authenticate on the network.The printers and the IP phones use the same CA produced certificates ( for the record we call i...

Resolved! Registering a second node - ISE 1.2

Hi guys, I am trying to register a second node to my primary ISE node. But, I am getting the following error: Unable to authenticate ISE xxxx.. Please check server and CA certificate configuration and try again. I did de import/export certifi...

how to import network devices on ISE 1.2

Hi, experts,I'm trying to import network devices on ISE 1.2.0.899so I downloaded the template and opened with notepad and wrote all the nessesarry information.and I tried to upload to ISE, and it just said import failed. no reason..does anyone know h...

Error while installing private key (.pvk format)on Cisco ACS.

Hi Team, i have created the Root certificate and Server certificate in .cer and .pvk format with Makecert tool. When i tried to install private certificate on Cisco ACS then it is showing as following error . " Unsu...

Network Access Control

Forum Posts

SSH Weak MAC algorithms

Resolved! IP Address Renew not working

Radius and local authentication

Resolved! Logical Profiles in ISE 1.2.1

Cisco ISE Disabled authentication in portal guest

Java versions supported by Cisco ACS 5.5.0.46 build id B723

Cisco Prime Infrastructure 2.1 ESXi 5.5 support?

Resolved! AAA authorization commands

acs upgrade

ACS 5.4 user details

Resolved! Cisco ISE license file

Resolved! ISE - enabling CRL breaks all our certificate authentication

Resolved! Registering a second node - ISE 1.2

how to import network devices on ISE 1.2

Error while installing private key (.pvk format)on Cisco ACS.

Posture assessment report never finishing

NetFlow Probe Profiling – Missing IP and Port in ISE Context Visibili

Default Route SGT

PX Grid Connector and Service NOW

ISE Posture: secure client stops posture synchronization

NTLM Disabled and ISE-PIC

Impact of Resetting ISE Context Visibility on Endpoint Connectivity

Cisco ISE posture for Wi-Fi is stuck on Action Needed

ISE pxGrid client/server certificate creation and renewal

not able to export scheduled reports to repository