When defining a posture policy, if we have 3 separate policies with the same conditions {id group, operating system, other conditions}, one with requirements for AV and one is Anti-spyware and another one is Anti-Malware. It doesn't have to meet al...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Forum Posts
I have a question about ise license. I want to install ise 3.0 or higher version on vm. Does the basic license apply from 3.0 or higher? Or is it limited to 90 days?license
Hi,Is it possible to integrate Kandji MDM with Cisco ISE?I have been looking for guides but so far not found any.Our company uses Kandji MDM for the management of Apple devices and we want to integrate it with ISE to enforce NAC. I have just finished...
Hi All,I would like to know if it’s possible to create different posture policies for wired and wireless endpoints. For example, since wireless users typically use laptops and are roaming clients, the Cisco Umbrella service must be checked. However, ...
Hi, We have a two-mode ISE 2.7 Patch6 deployed.Recently we rolled out 802.1X to all our customers Windows10 laptops and desktops with EAP-TLS. The majority (98%) of the users can login to the network without any issues. Some users get this error mess...
Hi, I've configured a Cat9300 running Gibraltar 16.12.3 to retrieve its CTS PAC but it is not working. This is my current config: 9300-access#sh run | sec radiusaaa group server radius ise-pacserver name ise-pacaaa authentication dot1x default group ...
Hello Cisco ISE lover, Currently, I have an inquiry refer to posture process. As we have Pending and Complaint status for DOT1x (Supplicant) wired connection. Base on your experience, does Posture process will cause/delay/slow for window PC logon pro...
If we have smart net license for 8 ISE VM (R-ISE-VMC-K9=). If we need smart net support do we have to apply for all 8 node ?
Hello AllWe are running flexconnect wifi and using the same ssid across multiple sites.We want to deploy a splash page at each flexconnect remote site for one of our ssid's We do not want to deploy all sites at the same timeSo is it possible to authe...
We've having some debate internally around when DNAC needs to log into ISE via SSH. In our environment ISE and DNAC are owned by 2 different teams thus we want to limit who knows what credential. What happened was because we learned that the SSH cr...
Environment is 3.3 patch-4. I have a configuration backup and an operation backup scheduled daily at 12am and 2pm, respectively. The operation backup is working fine but the configuration backup is NOT. I can manually backup the configuration from...
Dear Cisco lover, We would like to seek your support on case not functional IoT device when we perform Closed Mode on cisco ise such the MAC addresss can't be learn on switch port. Once we configure on switch with Low Impact mode, the IoT device is ...
I am looking for some documentation on the integration between Cisco ISE and the Huawei AC wireless controller to validate compatibility, on the side of Huawei I found the following link:https://support.huawei.com/enterprise/en/doc/EDOC1000113779/19c...
Hi, I have an ISE running version 3.3, and I have the Aruba IAP running Aruba virtual controller. I'm trying to use ISE to generate a captive portal for the wireless users. Now the users are able to get the portal but once they are authentoicated, th...
Hi guys,i guess some of you are securing the AP switchports with 802.1x (EAP-FAST or EAP-TLS) and i was wondering if using SCEP for automatic certificate issuance and distribution works reliably. What is your experience with SCEP and EAP-TLS on C9800...
