HI,we have two PSN and we bought 3rd party SAN certificate to be used for Portal , under SAN certificate we configure common CN name "ise.mydomain.com" and below SAN DNS=psn1.mydomain.com (fqdn of PSN1)DNS=psn2.mydomain.com (fqdn of PSN2)DNS=sp...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
Forum Posts
kindly share password types in ISE [Internal users and AD Users and AD Joint points]. what is the difference between them?
Hello, I have a question regarding BYOD and randomized MAC addresses. I have implemented Single SSID BYOD flow. Users are getting onboarding, ISE is the CA server and it sends certificates to them. I have found that in certificate template I can choo...
Hi,we have two PSN and we configure certificate to include spnonser.mydomain.com , and under portal setting we configure FQDN for the portal to be spnonser.mydomain.com , now if we configure A record for spnonser.mydomain.com to use primary PSN its w...
Hello All, I have implemented 802.1x wired in my network (EAP-PEAP) and the AD is integrated with the ISE server to allow authenticated domain users to access the network. The users are able to authenticate successfully with their domain username and...
Resolved! ISE Backup Types
In Cisco ISE there are two kinds of backups, Configuration and Operational. Why are there two kinds and what is the difference between the two?
Hello team, Can you please sugest if there is a way to access to a ISE when evaluation license is expired ?RegardsOZ
The ISE 2.2 and 2.3 Installation Guide warns us politely that the .ova will not deploy with vCenter 6.5 - it doesn't state why (which is not great) but it mentions using an OVF tool to convert the file instead. On the Cisco Support Forums one user r...
I'm running 3.2 patch 2. I have the NMAP probe enabled (profiling configuration tab) and in General Settings i have "enable profiling service" enabled on the PSN. What I'm not seeing is the PSN actually doing an NMAP scan on a device when it comes ...
Can ISE posture detect whether a client laptop/desktop is connected/joined to Azure Entra id (Azure AD). Earlier ISE had an option to identify whether s system is joined to AD.
Is it true that having enabled the profiling with just the basic license makes no difference in terms of possibility of authorization, but enriches the logs of authorized devices?I'm asking this question because I faced this scenario: with two nodes,...
Hi Friends, Was trying to do AAA authentication for Radius and observed one issue. When i put authentication open then Dot1x and mab both works fine but when i do not configure authentication open command dot1x works fine but mab device does not work...
Hello;As you can see below, the user marked his registered device to "Lost":According to Cisco's document, when a user changes the status of a registered device to "Lost," the following actions take effect:However, in my setup with ISE 3.2 Patch 4, t...
Hello'Consider the following scenario:Suppose I want to revoke the assigned certificate to "User2". So, as you can see above, I select the entry and then select the "Revoke Certificate" option. Now ISE warns me by displaying the following message:I t...
Hello All,We implemented ISE almost a year ago, and our two ISE servers have certs from a 3rd party (Godaddy) that are expiring soon. Under Administration/System/System Certificates, under Used By for the certificates it shows:Admin, EAP Authentica...
