Primary ISE node (Serving Admin and Monitor personas) is showing two of the PSNs as "NODE-NOT-REACHABLE" under Replication Status on Deployment page on GUI. It can ping the PSNs and PSNs are actually registered to the Primary admin/monitor node. How ...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
Forum Posts
Hello communityWe have built a Cisco ISE guest portal (sponsored portal) with login. In addition a Cisco WLC, which redirects the guests to the Cisco ISE portal. The authentication of the guests works without any problems. Unfortunately, the Authenti...
Hello!For a customer, i'd like to configure two captive portals respectively tied to two SSID (different usage). However, i'd like Guest Type to be tied to one of the captive portal/SSID, basically : - GuestType "A" can only authenticate to GuestPort...
Resolved! 802.1x recommendations
We are wanting to start using 802.1X on our network. I have no experience with it at all. I was wondering if anyone could provide recommendations on implementation strategies, pitfalls to watch out for, and what options are available.Some of the area...
Greetings all, Is anyone aware of a recent issue related to AUP page on Guest portal simply looping when AUP accepted via iPhone (18.3.2, 18.5.x) CNA? ISE is 3.2 patch 7.User scrolls AUP to the bottom, then clicks the now-active Accept button, then t...
Question - is this just a cosmetic error or the server will indeed restart even if I did not change the SHA1 settings?
Hello,I have a question about performance when using EAP-TLS and PEAP-MSCHAPv2 versus PEAP-EAP-TLS. Referring to the Cisco link: https://www.cisco.com/c/en/us/td/docs/security/ise/performance_and_scalability/b_ise_perf_and_scale.html#reference_dfk_mj...
Resolved! CIMC interface not working on Cisco 3615
Hello,Facing an issue. We have a Cisco 3615 ISE appliance. It was set to factory default both ISE (linux os) and CIMC firmware. Now CIMC interface is not sending any ethernet packet to switch. Switch is not able to learn MAC address of the CIMC port....
We are using default self sign certificate for EAP authentication in ISE and that certificate is being used for supplicant configuration on endpoints. Now this certificate is expiring, so if i choose an option available to renew default certificate o...
Resolved! Cisco ISE 3.2 with Azure AD
Hi all, About the configuration between ISE EAP-TLS with Microsoft Azure ID, i have some doubts: https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/218197-configure-ise-3-2-eap-tls-with-azure-act.htmlProcedure: The certifica...
Dear community, I plan to implement dACL on the network with ISE. I went through a lot of posts, and documentation and I saw that "ip device tracking" can be used to replace the "any" statement in the dACL with the IP address of the endpoint which lo...
I am running ISE 3.1 patch-5 on SNS-3655 and for the past two weeks, I am getting these messages via email every hours from the ISE:- Smart Licensing Authorization Expired: Details=AuthorizedPeriodExpired.- Smart Licensing Id Certificate renewal fail...
All,I am trying to pull the configuration from the ISE DevNet Always On sandbox - https://devnetsandboxise.cisco.com - using the python script pasted below and I get the following error: import paramikoimport timeimport tkinter as tkfrom tkinter i...
I believe I'm encountering an issue or a conflict between the non-configurable 5 minute ISE External MDM heartbeat interval and the equally non-configurable 4 minute Azure Public IP outbound idle timeout setting and I'm curious if anyone else has exp...
Hi Mates,We’re planning to roll out EAP‑TLS and I’d like to tap into your experience. What prior considerations, best practices, and potential issues or challenges — either before or after rollout — should we be aware of?Thanks in advance for sharing...
