Network Access Control

Resolved! Cisco Guest Portal is not working when Internet is not working

Cisco Guest Portal is not working when internet is not working. But my guest portal is hosted in Cisco ISE (PSN) which is internal and DNS server as well.

ISE posture changing from compliant to unknown despite still in lease

Dear All, We are using ISE version 3.1. Users are accessing the internal network via wireless connectivity on WLC 9800-L version 17.9.4. We have configured a posture lease (1 day), enabled LSD, and no PRA. Here's the issue: Users are random...

Windows 11 ISE posture

I configured posture policy which use (windows 10(all)) as operating system criteria. and all posture conditions using windows 10 also. but windows 11 PCs still be scanned for posture. Note : posture requirements still in audit state. Can someone exp...

Resolved! ISE Patch Question

I have a 4 node deployment - I plan on patching the via CLI and start with the PAN first - PSN Second and the Sec PAN third, but when the below question is presented do I need to say no in order to continue patching the remaining nodes individually?...

Resolved! Post 3.4, Patch 4, replication stop with PAN and CLI failed to connect

Post 3.4, patch 4, Replication stop between PAN and PSNs, error, Jediss replication failed, CLI access issue-error failed to connect to the server. throwing an error in the debug log : Error, Failed to connect to server, could not connect to test-ise...

ISE Upgrade Incident Summary

ISE Upgrade Incident SummaryOverview: ISE 1 and ISE 2 were upgraded from version 3.3 to 3.4. The upgrade did not go smoothly because the upgrade on ISE 2 failed partway through.Timeline and ObservationsPre-upgrade: The bonded interface for Gi0 was do...

Resolved! ISE 3.2 on VMWare - becomes a brick after trying to upgrade to 3.3

Hello!We tried to upgrade our ISE 3.2 on VMWare (patch 3,4 and 7) to 3.3 using the upgrade bundle, but got the same result:the appliance becomes a brick after reboot, which is included in upgrade process. No logs are available after that reboot, and ...

Resolved! Cisco ISE - Is it possible to send AD Group in RADIUS access accept?

We are trying to make auth work in Grafana via Cisco ISE and RADIUS protocol through OAuth, and we have managed to get this working by using Cisco AV-Pair dictionary attributes. In order to granularly authorize access to differnt dashboards, I need o...

Resolved! Cisco ISE

Hello,I need to renew a certificate that is expiring soon, which is used for Admin access, EAP authentication, and RADIUS DTLS.This certificate is signed by our internal certification authority.I generate a CSR and sign it with our certification auth...

Resolved! Query on Cisco ISE 3.2 patch 9

It looks like Cisco took quite long time to release patch 8 for ISE 3.2, it was release at end of November 2025.Now they release patch 9 on Dec 2025. Was there issue with Patch 8. If current system is on patch 7 can we install patch 9 directly ?

Resolved! New ISE node not showing any TACACS logs

I had two ISE VM nodes running on 2.4 ( no patch) with in sufficient resources. I was getting multiple alarms.I made one node primary for both Admin and MnT personas and de-registered the second node. Then I registered a newly created VM node with su...

ISE cli admin removed after upgrade to 3.4?

I'm in the middle of configuring a new set of ISE servers, and I found that after i upgraded from 3.3 (wich the hardware came with) to 3.4 i could not log into cli any longer. GUI was working fine. So i do the admin password recovery and it tells me:...

ISE Administration Node Replacement

Morning Cisco Forums,I'm looking for some guidance on the process of replacing ISE administration nodes, in a 4 node cluster. In our current environment, we're running ISE version 3.4p4, and have a primary/secondary administration node, and 2 policy...

Single ISE guest portal and multiple global PSNs

We have a global deployment of multiples PSNs ( 2 US-WEST, 2 US-EAST, 2 EU and 2 APAC). Currently we have a single guest hotspot portal with a single URL (guest.portal.XXXXX.com). Each site has a local FortiGate which acts as the DHCP server and a lo...

Resolved! Unable to add Crypto host_key add host - Host not found in /root/.ssh

Hello, i have configured a Sftp server as repository but i'm unable to add the Crypto host_key add host <server ip/fqdn> on the secondary PAN and MON and PSN.The cluster is made of Primary PAN Secondary PAN Primary MON Secondary MON Psn1 Psn2 on th...

Network Access Control

Forum Posts

Resolved! Cisco Guest Portal is not working when Internet is not working

ISE posture changing from compliant to unknown despite still in lease

Windows 11 ISE posture

Resolved! ISE Patch Question

Resolved! Post 3.4, Patch 4, replication stop with PAN and CLI failed to connect

ISE Upgrade Incident Summary

Resolved! ISE 3.2 on VMWare - becomes a brick after trying to upgrade to 3.3

Resolved! Cisco ISE - Is it possible to send AD Group in RADIUS access accept?

Resolved! Cisco ISE

Resolved! Query on Cisco ISE 3.2 patch 9

Resolved! New ISE node not showing any TACACS logs

ISE cli admin removed after upgrade to 3.4?

ISE Administration Node Replacement

Single ISE guest portal and multiple global PSNs

Resolved! Unable to add Crypto host_key add host - Host not found in /root/.ssh

Bulk Update Fails for customAttributes - Is it supported?

UserPrincipalName not showing in ISE Log for certain user

CISCO NAM installation by iso generated by System Center

can i USE 2 CISCO ISE posture policy in same time with 2 Anti malware

High Response time for Entra ID TEAP with ISE

ISE VM Smartnet

ISE 3.5 requests for SMB Version 2 from Active Directory

SSL VPN FOrtigate with Cisco ISE Posture

Certificate Services OCSP Responder nearly expired

ISE databases - which one has the endpoints?