Hello, We have twelve network printers in our remote location. We've recently enabled dot1x authentication on a switch. In order to limit the number of unprotected ports, we would also like to enable authentication on network printers. Since using ce...
Dears,We have ISE 3.2 VM and we want to purchase ISE hardware Appliance. so we want to know what is the procedure that we can take to migrate the configuration from the VM to the hardware. how we can do it? Thanks in advance
Hi, I'm getting my moneys worth from the community this week I have a 9800-40 WLC running 17.3.4c which is integrated with DNAC for SDA. Fabric wireless works fine apart from micro-segmentation with SGTs. If I log into the WLC and run a "show cts en...
HelloMy company deployed ISE for LAN network for staffs desktop PC.But I found that Windows 11 PCs are unable to connect RDP. If ISE applied on that network port.The network switch port have the below setting:If a target Windows 10 PC connected to th...
Hello people,I am rolling out several dACLs via ISE on the network.So far, everything has worked wonderfully. Here and there, of course, an ACE is missing, but that could always be analyzed and fixed in a short time.But now I have a behavior with Ige...
Next year we need to migrate our deployment (2 ISE 2.7 on SNS-3515) to new hardware and newest version.My plan is to install new hardware, add it to the existing deployment and remove the old ones.I was searching for some information about compatibil...
Hi, we have several Cisco 3850 switches (WS-C3850-48P) that are all experiencing the same issue with various devices. We have printers and laptops that take several minutes to obtain an IP address. Sometimes the radius server sees the devices succe...
After I configure the Network Policy server I have this problem.When I remove the exec authorization local I can't get in Password required, but none set% Error in authentication.SWITCH>I have seen some suggestion to remove the framed-Protocol = PPP ...
Hello guys,I'm deploying the ISE posture policy and I run into the AnyConnect Posture return "No Policy Server Detected" as shown below. The switch and machine are able to reach to the ISE ip and dns name.I created the ISEPostureCFG.xml file and save...
Can I have different policies point to different certificates for authentication with EAP? when I try to create a different EAP certificate I get a message saying that the already available EAP certificate will be replaced. If this is not supported a...
Hi For ISE BYOD the certificates are issued and stored internally on ISE. On ISE the BYOD certificate template only allows the Common Name for the certificate to be the UserName.My users credentials are hosted on an LDAP server so when the user is on...
Hi all, I am using ise 2.4 with windows AD for my environment's 802.1xI am using both user and machine cert authentication. I have also enabled the option "always perform binary comparison" for both my user and machine cert authentication profile. Wi...
I recently worked with a customer that is deploying Juniper EX switches with their existing ISE 2.6 cluster for NAC. We found that the currently available Network Device Profile for Juniper EX switches did not provide the ability to perform CoA actio...
Hi all,I try to understand a concept of the Cisco TrustSec system.On a network, I always used (until now) the binding of SGT to VLAN: this work well.For now, I want to go one step further and to statically bind some specific IP to an SGT.For example:...
Hello,I would like to configure several guest/sponsor portals on my Cisco ISE deployment and use them as a result in authentication policy for guest SSID (different sponsor/guest portal depending on location, WLC etc.). Just to make sure: I can crea...
