Hello community,I'm currently building a new ISE-deployment and the Admin-Portal certificates are giving me headaches. Hopefully someone also had this issue and was able to resolve it.The new setup is based on 3.2 Patch3. Somehow I'm not able to set ...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
Forum Posts
Resolved! Command rejected: Dot1x is not supported on this interface.Mab not supported on this interface.
Hi, Is there any reason why the error below Command rejected: Dot1x is not supported on this interface. and Mab not supported on this interface. for port gi5/47. Other ports ok cx001(config-if-range)# source template dot1x-portsCommand rejected (Giga...
HelloI have a Nexus 9K w/6 vlansGE 1/1-1/8vlan1vlan Interface 192.168.1.1 255.255.255.0no shutGE 1/9-1/16vlan2vlan Interface 192.168.2.1 255.255.255.0no shutGE 1/17-1/24vlan3vlan Interface 192.168.3.1 255.255.255.0no shut And so on for all 6.I have i...
Hello,I would to have some opinions regarding the best practices to migrate Cisco ISE from Azure cloud to an on-prem setup.Information regarding my setup:- I have distributed setup with 2 PAN, 2 MnT, 2 PxGrid and 5 PSN I am aware that I need to creat...
Resolved! ASR-1009-X ssh all interface
HI ,i have ASR-1009-X and C9K both connected OSPF and LAN segment L3 in C9K.ASR and C9K both in OSPF and LAN segment advertise in OSPF. when i taking ssh through p2p interface IP both device access from my LAN. Requirement is ssh should happen throu...
Hello everyone,while studying the BYOD topic, I had a doubt regarding the certificate that ISE sends to the client. Specifically, I am referring to the MAC address contained in the SAN field. From the following video (link), I saw that there is a sol...
I want to know what equipment Source and Recive refer to in the livelog. The device is using 1X authentication and ISE is associated with an AD server.
I am using any connect posture on RM vpn, i have restricted Application list on posture condition and it works when the application on while posture checking. for example Bittorent. the issue is once the posture become compliant (during this time a...
Hi all;Consider the following situation:The "guestuser" mentioned above is a member of "GuestType_Contractor (default)" internal group:And I have configured "Contractor" group as:But as you can see in the first figure, the portal does not inherit the...
The environment is Cisco ISE 3.2 patch 4 and Cisco ASA 9.16.4. The computer is a Win10 laptop running the latest Cisco Secure Client 5 (AnyConnect). We have domain controllers hosted in Azure and also Enfra ID in Azure. I previously setup ISE for ...
Hello,Can someone give me the document for AnyConnect ISE Posture Windows Support Charts for Compliance 4.3.2716.6145 please.I cannot find that on the internet.Thank you for help.
I'm using ise 3.1, but is there any way to check the expiration date of each user?If you log in 10 days before it expires, you will be alerted to change your password, but if you don't log in for 10 days, you won't know, so the user is often disabled...
Is there a suggested frequency to run the AD diagnostic tool tests? Our tests are set to run every hour. We are thinking of extending the increments to every couple of hours or longer. Thanks!
Resolved! ISE and Kerberos only AD
Hello, I have a customer that is trying testing ISE with an AD where he is turning off NTLM, and using only Kerberos. He says that when he tests a used from the test function directly, choosing Kerberos, all is fine. But when the has the client usin...
Hello Everyone, We are working on an ISE deployment with 2 PAN/MNT nodes (located in the cloud) and 5 PSNs located across different physical sites. We are searching for a way to enhance the detection of a failing PSN onsite by the switches to switch ...
