Network Access Control

NAM and "unprotected identity pattern" not working as expected

Hi,I'm trying to test such 802.1x wired environment:windows xp sp3 as supplicantwindows NPS as radius server 2960 as authenticatorlatest anyconnect (3.1.01065) + nam and standalone profile editorI have a question:Could someone explain me the differen...

Rejected ACS local-certificate with surrogate CA

I'm going crazy because of clients rejecting ACS certificate.I have deployed successfully one ACS 5.2 in a HQ with EAP-TLS and PEAP and everything is working fine. There is only one main CA.Problem is while deploying another ACS 5.2 against another A...

Resolved! Cisco Secure Services Client v5.1 for Windows 7

hi all,i'm trying to download CSSC v5.1 for windows 7 but can only see support for vista.will the vista version gonna work for a win7 machine?

ISE NFR Allowed protocols

Hi all,I am trying to configure ISE NFR (installed on vmWare) - I had to start from the only available NFR version 1.0 - so I first made upgrade to version 1.1.1(acording to release notes there should be no problem with stright upgrade) then applyed ...

Resolved! Machine Authentication not working after workstation unattented ovr night - ISE 1.1.1 -

I am running an ISE 1.1.1 patch 2 and authetntication Windows XP machine using PEAP authentication with both user and machine authentication. The issue is that when a machine is powered on the machine authentication processes fine and the user authen...

Fail to edit ISE inline posture node after success register from Primary Node

Hi all, would like to ask what this error message mean? It appear after i successfully from primary node to register the inline posture node.thanksNoel

ACS 5.3 NTP offset increasing with NTP Server in same LAN

Im installing & configuring a new ACS 1121. Ive updated to version 5.3 with patch:Cisco ACS VERSION INFORMATION-----------------------------Version : 5.3.0.40.6Internal Build ID : B.839Patches :5-3-0-40-15-3-0-40-25-3-0-40-35-3-0-40-45-3-0-40-55-3-0-...

ISE delete command 80 character limitation

Hello Guys,one of our customers did a backup to local disk on the ISE. Later he tried to remove the file on the ISE node by running the delete command. Unfortunately the name of the file exceeded the 80 character limitation of the CLI delete command....

ACS 5.x AD client failed after hardware replacement

Already two times I have had the experience that after a ACS failed and was replaced the AD connection keeps disconnected.I found out that the process AD client keeps executed failed. Also in the logging when you log in with ssh you see messages abou...

ACS5.3 Backup failure...

Hi,I have installed an ACS 5.3 (Version : 5.3.0.40.6) as standalone ACS in a customer setup. We had scheduled the backup to be done daily at a particular time. It was working fine for few weeks and after that the backup did not happen. When i had ...

Resolved! Cisco ACS 1121 version 5.3 - Logging

Hi ThereI'm new to Cisco ACS 5.X. From what I have read, the Cisco ACS can act as a Logging Server. Does this mean, all the syslog messages from all the other ACS and network devices can be stored by ACS? I'm a bit confused on this part. Lastly, I un...

Resolved! ISE Integration with PEAP (Server side Cert)

All,We are currently evaluating ISE and I am stuck with the PEAP authentication (with Server side Cert).Our current setup consists of two 5508 controllers, 30+ access point. For authentication we are using PEAP with (server side Cert). We have an IAS...

Documenting AAA Commands

I want to document several of my AAA authorization commands. I guess I haven't done well in doing so. Rather I have just accepted them and then used them. Can anyone suggest where I can get a reference document so I can document these commands:aa...

802.1X IAS Switch 3750

Hi,I am configuring authentication 802.1X in my Access Switchs. The switchs are WS-C3750G-24PS running C3750-IPBASEK9-M, Version 15.0(1)SE2, RELEASE SOFTWARE (fc3). The Radius server is a IAS server, in the IAS there is a Remote Policy with the Windo...

Resolved! ACS 5.3 certificate based network access using AD

Hi,Does anyone has implemented certificate based 802.1x authentication network access using ACS5.3 & external identity store as AD.If yes then please let me know asap.Ajay

Network Access Control

Forum Posts

NAM and "unprotected identity pattern" not working as expected

Rejected ACS local-certificate with surrogate CA

Resolved! Cisco Secure Services Client v5.1 for Windows 7

ISE NFR Allowed protocols

Resolved! Machine Authentication not working after workstation unattented ovr night - ISE 1.1.1 -

Fail to edit ISE inline posture node after success register from Primary Node

ACS 5.3 NTP offset increasing with NTP Server in same LAN

ISE delete command 80 character limitation

ACS 5.x AD client failed after hardware replacement

ACS5.3 Backup failure...

Resolved! Cisco ACS 1121 version 5.3 - Logging

Resolved! ISE Integration with PEAP (Server side Cert)

Documenting AAA Commands

802.1X IAS Switch 3750

Resolved! ACS 5.3 certificate based network access using AD

Cisco ISE 3.4 Ports for Elastic Search

UserPrincipalName not showing in ISE Log for certain user

CISCO NAM installation by iso generated by System Center

can i USE 2 CISCO ISE posture policy in same time with 2 Anti malware

High Response time for Entra ID TEAP with ISE

Cisco ISE Guest Portal and Ruckus One wireless

ENTRA ID Registered Devices

Cisco ISE PAN License

Only allow enable, show commands, no config allowed, cant make it work

Invalid Request error on GUI login - suspecting MnT Restriction issue