Network Access Control

Hi All,Am looking for a way to audit all of my network devices in ACS - report on those that have not had any authentication attempts against them in say the last 7 days.  Is there a way to do this?  Don't see anyting obvious in the Reports options.T...

Hi guys,I have already configured a couple of ASA CX, but one of my customer the integration with AD doesn't work. With LDAP instead of Active Directory worked, but with LDAP I can't use passive authentication.Anyone can send me a link with Microsoft...

Working on an initial piloted roleout of ISE with a customer. We initially had a single server setup as a pilot using 1.1.1.4 to pilot things like client supplicant provision, and then stood up a new VM as a secondary and upgraded that to 1.2. Today ...

Hi all,Consider this scenario. A Cisco IOS device authenticates access to its VTYs using two tacacs-servers put in one server group. Normally, as implied in the IOS security docs, the second server is used only if the first one times out.My quiestion...

Hi allI need to have 2 different types of guest users that will get different level of access with DACL / Airspace ACLI thought that best way to do that is simply matching one of optional data fields you can setup in Sponsor PortalUnfortunately as so...

Hey guys,I have a question regarding ISE Authorization Policy. In my test lab, I don't have any wired station, and what I have is a wireless lapotp. I have configured to allow only EAP-TLS authentication. Now, my problem is I keep getting "15039 Reje...

Hi all,I have ACS version 5.1.0.44.and WLC version7.already I create new database in ACS Local and I integrate the ACS with AD to use the local and AD simultaneously.Now,all the users can authenticate to wired and wireless devicesThe issue is that I ...

I have upgraded to ISE 1.2 and the latest patch and noticed a bug where editing network devices, you are unable to save changes as the "Save" button is greyed out. It also appears to have SNMP unchecked for all devices even though there is configurat...

Hi,A have a Primary (Auth) and Secondary (Log Collector) running ACS 5.4.0.46.1 The log collector is reporting 91% util in /opt folder and constant logging health issues in ACSview.How do I fix this issue ASAP?Thanks,Matt

Hey guys and gals,I need to confirm something.  I am new to this but in my current environment we use Cisco anyconnect for posture checking and its using the CTA portion of anyconnect.  I want the laptop to pass a posture check without using the CTA....

Hi:I have DMVPN peers set to use RSA signatures for setting up IKE phase 1.Is it possible to get the certificate common name (CN=) to show up in AAA accounting records?I have not been able to find the appropriate PKI AAA commands to do this.Currently...

Hi!When I try to add Active Directory as an Identity Store, I received:Connection test to 'jerico.lan.vusecurity.com' failed.Further information on status:   - Can not resolve network addressFrom console nslookup: nslookup lan.vusecurity.comTrying "l...

We're trying to replace an existing 3315 ISE appliance with a 3415; the plan was to do a config backup on the 3315, upgrade & patch the 3415 to the same level, then restore the backup onto the 3415.All goes well until the restore, which fails with a ...