Network Access Control

Hi,I have installed CDA virtual appliance  1.0.0.011 with patch 1... I want to use an account, which is not a member of "Domain Administrator", to collect logs on windows AD. My windows AD are on windows 2008 R2 & windows server 2012.But I see this b...

Hi,i am setting up an ISE for dot1x and posture checking, I am unable to find a way to check for a policy whereby the laptop/workstation is a domain machine. So far, the rules and config guides are looking at ExternalGroups member of, but these are t...

One of my customers is complaining about having problems to access the guest services depending on the browser used:When the visitor has Intenet Explorer 10 or 11, he said the content is blocked and even the guest portal is not displayed. When the vi...

ISE Sponsor Portal I'm still coming to grips with ISE!Web Portal Managment>Settings>Sponsor>Language template>English>Configure Print NotificationRather than just add text I will like to add some graphics, I tried adding HTML to the Layout which does...

Hi,I am using cx module in ASA for context aware security. I want to also enable authentication for Internet users who pass through cx module and that authentication must be from active directory. Can anyone please guide or share any document which t...

Hi all,I'm fairly happy with backups and restoration on the admin node, but not done much with the monitor node.I think a while ago, I backed up a monitor node and restored it, and seemed to go ok, apart from the gap in logs while you're actually doi...

Trying to work with an external group-policy on an acs-Server I had the problem that the asa failed address assignment from a pool defined on acs and assigned to the group-policy user within acs at "Client IP Address Assignment". Is there an other ra...

Hello,I'm trying to configure ACS 5.1 as radius server for a catalyst switch but i can't make it work.I keep on getting the "11033 Selected Service type is not Network Access" error message.Tacacs works fine but radius does not.Does anybody have a sa...

Hi Folks,Well I thought I was pretty happy with licensing, and what I understood was:1. Licensing is based on number of concurrently active users.2. An advanced license is used if an endpoint is allocated an authentication profile based on a rule whi...

Hello,I have ise 1.2,  i have configured everything normally and i can browse to my CRL from any windows pc that is ok,  but still my ise cannot download the CRL, i get the following error on my ISE. please help me im totally stuck in this.   i have ...

            Does ISE 1.2 Authorization policies permit a condition referencing an AD group containing other groups nested within?  If not, is the alternative to create an authorization policy for each AD group in the case where a policy is to be appl...

Hello We are in the process of evaluating the Cisco ISE VMWare appliance with a view to replace our existing FreeRADIUS installation as authentication provider for our wireless network and VPN service. As a part of this we are hoping to migrate our u...