Network Access Control

Hello,I have a problems with registering the secondary node on Cisco ISE 1.1.4.I did all like described on User Guide:- Primary ISE is promoted to PRIMARY.- DNS entries are added and resolved for both ISEs- The "Certificate Store" on both ISEs are po...

Hi,I just wanted to migrate from the AD-Agent to the CDA but I'm running into some problems with the windows firewall. That's the situation:- The AD_Agent was running fine (with Windows-Firewall on DC enabled).- The CDA can connect to my DC when I di...

Hello,I have a customer that is running a 2-node ISE deployment and is licensed for 250 Base and 250 Adv. users.We have moved the wired users over in one of their offices into Monitor Mode only, and the Base/Adv. Active license counts have exceeded b...

Dilema: We have Comodo certs for our users, but the only thing missing from the certificate is Principal Username, so I can't use it to authenticate my users. I don't want to reissue all the certificates as that would be to costly.      So I tried us...

This is what I would like to do for our Core Routers. Not too familiar with ACS, so please excuse me if I don't provide you will all the details.Right now I have ACS 5.3 which is tide to Active Directory. When a user logs in they use there AD credent...

Hi,We have about 50 Cisco ASA and their configurations are not Standardized. Please advise a quick way or tool to audit the configurations and deploy the standardization configurations. Thanks.

Hello,I am newly configuring and testing  Posturing/Client Provissioning on ISE.  I configured Client_Provissioning Policy without any Posture_Policy just to test it works or not.My Wireless client can authenticate and get and install NAC_Agent succe...

Is there a way in ISE 1.1.1 to accept a logon as an email address then convert that to a domain\username format?example:logon id: user@email.test.com  to domain\user.If so where would that be done?Current Authorization Policy matches on domain , Radi...

Outside user access to 150.1.7.60 on port 9007 using specific URL:9007. This service is at the DMZ. Packet get translated in asa to 172.16.15.8.How I can authenticate that traffic?ADDITIONAL INFORMATION:I have configured a TACACS server at 172.16.10....

Hi,Just want to know while ISE is implementing for all Wired/Wireless user authentication and authorization, can we use the same ISE box for AAA client management (Device Authentication and Authorization), we know it work as RADIUS and cant get accou...

Hi Guys,We are deploying Cisco ISE with version 1.2, one of  our requirement is to identify the corporate and personally owned  devices. Is there a feature in ISE with this requirement? Thanks.

Hi all,I'm trying to understand the posibilities of the ISE. I would like to configure host authentication without the client having to enter credentials for a second time after logging on to his pc.Is this possible with DOT1X? As far as I understand...