Please use below setting on Juniper Apstra to map Admin and Read user Roles.Please use below settings on ISE servers to create Apstra admin and Read profiles: Admin Policy:priv-lvl=15max_priv_lvl=15service=aos-execdefault attribute=permitaos-group=ap...
Hello,I am experiencing issues renewing HTTPS system erificate used for admin and protal access. The old cert has expired, and I cannto delete it until it is assigned to antoher cert. I successfully installed the new cert on the first node, but when ...
I have a load of windows 10 machines which are in ISE but running monitor mode. After upgrading to Win11 they are not able to be on the network. What could be causing this as there is no enforcement mode in place..
Hi community,I had a cisco ISE 3.2 Patch 6 everything was fine until i installed the Patch 7, the API authentication stopped working i got 401 unauthorized i tried with my super Admin account (AD account), i tried to access the API from the browser a...
Configured an identity group and assigned it to the Hotspot Portal in Cisco ISE.Issue: When an endpoint hits the Hotspot Portal, its MAC address is not being stored in the configured identity group.Instead, the MAC address is being stored in the defa...
When I connect to my VPN headend (FTD 7.2.9) I make it through authentication and authorization. ISE recognizes my host as "Posture Unknown", but no browser pops-up automatically with the Client Provisioning Portal. If I open a browser and navigate t...
Need to configure dot1x for VM server Machines how we can do with ISE server.
Is it possible to do 802.1x Authentication for Entra ID Joined Machine ? My Entra Joined machines are not domain joined so my understanding a Cert cannot be assigned for an Entra ID Joined Machine. So how do I do 802.1x Authentication for Entra ID J...
Need a help can't showing PCs
If a guest user successfully registered with guest portal, shouldn't it transfer to "guestendpoints identity group" as a result?For all guest users, I can see that it's in the "profiled" identity group when it hits on guest redirection policy, upon c...
Hi All,We plan to migrate ISE Authentication from PEAP to EAP‑TLS and want the transition to be as smooth as possible. I would like to know if it is feasible to configure EAP‑TLS as the primary authentication method with PEAP as a fallback, and if so...
Hi, can I get some help with implementing inter-VLAN access control?Scenario: A layer 3 switch is handling multiple VLANs, such as Staff, IT, Guest, IoT, and CCTV. I need to define access rules to control which VLAN can access which VLAN. For example...
Cisco ISE is not available in AWS Marketplace subscription. Does anyone why know it has been removed?Can we still build ISE in AWS cloud? Thanks
Hello, does anyone have any advice on how to resolve this issue? The problem is the first time a user signs into a workstation they do not yet have their certificate from our CA which does provide a user cert automatically, but not before the Windows...
We have a customer who wants laptops to only connect to the corporate Wi-Fi. If the corporate SSID is in range.This worked well with Cisco AnyConnect NAM, but now they need to use the native Windows supplicant..Is there a way to do this without NAM? ...
