Hi,I need to upgrade my ISE 3.1 (latest patch) to 3.4I have 2 nodes My question is what do I do with expired Trusted Certificate?Will upgrade fail if I have expired trusted certificate? My system Certificate is all valid.I dont know what all certific...
Hi,We're currently at ISE 3.1 patch 10. We intend to upgrade to ISE 3.4 patch 3 which is marked as suggested version now in Cisco's download portal. Since we've had many problems even with suggested software versions, I don't value a star in a Cisco ...
Three Articles caught my attention before testing Posture with Debian 12 (code-name Bookworm) ... 1. the Release Notes for Cisco Secure Client, Release 5.1: Web Deployment for DEB (Debian) installation is not currently supported. Modules provided w...
I am using ISE as RADIUS Server for PaloAlto Firewall login authentication. Whenever I am trying to login with invalid username, it seems ISE is sending some MFA(OTP/Challenge). The reason I am think so is that I am seeing MFA/OTP workflow getting t...
Good morning, Experts, I’m currently working on implementing an ISE deployment that will operate solely as a RADIUS server for both WLAN and LAN authentication. The authentication process must meet the following requirements: VLAN Assignment:The cl...
Good Morning, a customer is going to add other PSNs to the current distributed Cisco ISE environment. By now they have a Middle size architecture with a couple of PAN and MNT and five PSNs. In order to add new PSNs (by now four or five) I suppose tha...
Hello,Could you please let me know if this might become an issue in the future? Everything is working fine for now.
Hi Team, In my customer environment, they are using FortiAPs managed through a FortiFirewall. I would like to confirm whether it is possible to create a guest configuration in Cisco ISE in this setup. Will the FortiFirewall support redirection in thi...
Hi everyone,Unfortunately, old versions of iOS, Android, Chromebook do not include in their Trusted Root CA DB/List, the Sectigo Root R46 certificate so my Web-authentication login portal that uses a cert signed by that Sectigo Root R46 is giving me ...
As the title says. Is it possible to mix different SNS in the same deployment?eg. having 3815 for only PSN and then having 3855 for PAN/MON/PSN?
I have RA VPN configured on FTD. I use ISE as AAA server on FTD. So, when user connects to VPN, it types credentials and ISE checks them (ISE is integrated to on-prem AD). I want to enable MFA on this flow. I have Okta for MFA. Any ideas ?
I deployed Cisco ISE in a testing environment, but we are unable to use switches and need to rely on the PIC Agent. Active Directory has been successfully integrated with Cisco ISE, but we are having trouble seeing all endpoints in Context Visibility...
I am running ISE 2.2 p16. I have a bunch of Axis security cameras, and all of them appear to be trying to reauth every minute or so. Typically, this isn't a problem, but some cameras will drop offline. I can see the following message in ISE.FailureRe...
Hello,I'm trying to configure MAB authentication using Cisco ISE and a switch, but I'm running into an issue:When I do not configure MAB on the switch, the MAC address of the client shows up normally in the MAC address table.When I enable the MAB co...
All, I am trying to get EAP-TLS working on an Ubuntu Linux machine. The system is controlled by Centrify and Centrify has pushed out a certificate, private key and chain file to the machine. I am attempting to use the wpa_supplicant with the foll...
