Hi! While i am aware that SNS 3615 can still support ISE 3.4, I am kind of anxious whether the appliance's resources can. Say for example the storage, memory. I cannot find any public document stating the hardware specs required for the upgrade. Or I...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Forum Posts
Resolved! Pushing object groups dACLs through ISE
Hey all, Is it possible to push dACLs containing object groups to the switch? Do I need to configure the object groups locally on the switch or can it be pushed too? My main goal is to minimize the amount of ACEs, in order to do so I want to group a ...
Resolved! PAP Authentication Protocol
Dears, when I do ssh to switches the authentication protocol and in authentication details in the attached snapshot I see the protocol as a PAP_ASCII which is been used. As I know the PAP is clear text password authentication protocol, so how I can ...
Am having a persistent Anyconnect vpn disconnection with the an error relating to MTU. It has been working well until I started getting continuous disconnection after a minute or less. At first I though to be related to network stability from the c...
Hi,I set a web auth guest portal that work in mab, After dot1x auth, in case of the PC attached Is not in out Network.The problem Is that if there are PC's that have the 802.1x set in Windows with smart card or other, the portal appears after 5 minut...
We have a customer who wants laptops to only connect to the corporate Wi-Fi. If the corporate SSID is in range.This worked well with Cisco AnyConnect NAM, but now they need to use the native Windows supplicant..Is there a way to do this without NAM? ...
Hello Team,We have integrated Aruba-CX switches with Cisco ISE for Endpoint profiling. Cisco ISE is configured to use FQDN and other attributes to identify and profile endpoints such as printers, IP phones, etc.However, we've observed that the FQDN a...
Hi guys,I´m using ISE version 3.1 with Aruba Access Point.From RADIUS Accounting Report, there are information about START and STOP, but I CANNOT SEE Account Status Type equal INTERIM-UPDATE.Analyzing the absence of interim-update logs of the radius ...
Resolved! ISE Dot 1 X Authentication
Hi, I would need some help here. We have an Internal PKI Server integrated with AD and ISE as the AAA server authenticating users and devices. All domain users and machines are automatically placed on internal VLAN upon the dot1x EAP authentication. ...
HiI have a non window/ios/android device that uses security protocol "WPA2-PEAP-RADIUS" to connect to our corporate network.Our device only require SSID, Username and Password input to join the network. Previously, it was working fine until a recent ...
Hey,I'm doing a new pilot to test some stuff.I'm trying to authenticate a PC with external certificate. I create a new policy that checks the "Issuer - Fingerprint SHA-256" but for some reason when I'm looking in the ISE Radius logs all I see that th...
Hi all; Based on Ubiquiti admin guide for RADIUS CoA supportability in APs line of products, you must satisfy the following requirements from the RADIUS server point of view: By default, Ubiquiti APs send NAS IDs to RADIUS server based on BSSID para...
Resolved! Cisco ISE and Google Gsuite LDAP
Hi Everyone, I just read that Google Gsuite expose also an LDAPS connection, I would like to know if anyone had a chance to test it and eventually if it allows to retrieve Google identity attributes (groups, etc) with Cisco ISE. I am considering the ...
I need to create a read only custom privilege level for an automated service acct that can execute the show run and show tech commands. I used privilege level 2 for the radius authentication and have the below commands set on my test switch. I am abl...
Resolved! Update DNS in ISE really this hard/bad?
OK, I'm on 3.3 patch 4 and we need to change the DNS IPs. We currently have 2 and when I tried to add one, it says it needs to reboot, so I said no so I could remove the 2, then add the new second. Problem is when you say no it does not save your cha...
