Network Access Control

All,I know ACS 5 lacks the IP Pools of earlier ACS versions. I'm looking at a 4 to 5 migration and was thinking of just configuring the IP Pools on the router ("ip pool local" etc) and sending back a RADIUS Cisco Attribute pair with the name of the p...

Hi guys, I saw the HW specs of the 3415. http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5712/ps11640/data_sheet_c78-726524.pdfThere is a spare part for the disk and for the power supply. Does anyone has the experience if the ISE software will c...

In ACS 5.4, cryptobinding TLV support was introduced to ensure that both the client and ACS participate in inner and outer EAP authentications for PEAP.I see that on Windows 7 clients, a checkbox for checking if the cryptobinding TLV is used is avail...

Has anyone had success with getting the Sponsor Portal to provide the sponsor information for guest accounts?  This would be a very helpful piece of information.If this information is not displayed on the homepage, can it be made available in the det...

Hi All,I have two ACS4.2(Windows image on Win2k) in my environment. Some regions are configured as a primary for ACS1 and some on ACS2. All devices are configured in both ACS. When ACS1 goes down, it didn't failover to secondary ACS server. All AAA c...

Hi to everyone,We have a diagram similar to this:User -> AP Aironet -> Cisco WLC -> Radius Server -> Cisco ACS 5.3Now in details:User takes a notebook to Access a wireless network that uses PEAP-MSCHAPv2 as the authentication Protocol. The user has t...

Hi everyoneI have and ACS 5.4 with 4 Network Access policies with 4 Access services rules:A) Default Device Admin -> Rule 2 -> match Radius All Devices :Wireless:Wireless_WCSB) Default Network Access -> Radius 3 -> Match Radius -> ANYC) Wireless_WCS ...

Hi to everyone,We have a diagram similar to this:User -> AP Aironet -> Cisco WLC -> Radius Server -> Cisco ACS 5.3Now in details:User takes a notebook to Access a wireless network that uses PEAP-MSCHAPv2 as the authentication Protocol. The user has t...

Hi There,Anyone know if the following observation is correct ?From the TrustSec 2.1 "Monitor Mode" guide i get the idea that Open mode, is not really as zero impact in a data gathering part of an ISE deployment is a was expecting. The guide describes...

Hello,My wireless clients having Windows XP installed, they can not authenticat to the network using user-based authentication. while they connect to the WIFI they alwasy get this error message saying "Windows was unable to fine a certificate to log ...

Hello,i´ve created a mandotory Field under System Administration/Configuration/Dictionaries/Identity/Internal Hosts.PROBLEM: Can´t see this field under  Users and Identity Stores/Internal Identity Stores/Hosts and it can´t be used as a filter.When i ...

Hi,While configuring the ISE 1.1... I have to integrate the AD with ISE...But, i m not able to open the page and its giving me the below error...There was an error while parsing and rendering the content. (Could not load class 'dijit.layout.TabContai...

I have the following configuration on my switch and it works correctly:aaa group server tacacs+ tacacs_servserver 192.168.70.20 aaa authentication login tac_auth group tacacs_serv localline vty 0 15login authentication tac_authtransport input sshThe ...

G'day All, I am building a wireless ISE solution that will service laptops (windows and OSX) via posture assessment, and mobile devices such as iphone, ipad and android. I looking for help with the profiling of the android devices. I am using the pro...

Hi All,We are facing issues while doing machine authentication in ISE1.2 with wireless PEAP authentication. Without machine authentication normal PEAP works very fine but as soon as we enable machine authentication and create policy for machine authe...