I have Qualys scan in the environment and it pickups the following with Cisco ISE 3.0 patch-5, 3.1 patch-7, and 3.2 patch 3:TCP Sequence Number Approximation Based Denial of Service (QID 82054)https://success.qualys.com/support/s/article/000002879 An...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
Forum Posts
When I display the endpoint table in ISE, I have a column called "NAD port ID".How to use the REST API with an endpoint ID to get the "NAD port ID" (Network Access Device port ID) to which endpoint is connected ?The same question applies to the colum...
Dear all,I recently installed the operating system version for Cisco ISE 3.2 Patch3, on my deployment(Two Nodes)And I tried to configure authentication for PCs and users, using the TEAP protocol.With internal method of EAP-TLS type.The authentication...
HiI have Cisco ISE, and our access layer operates at Layer 3. We have VLANs A, B, and C, and our objective is to prevent traffic from VLANs B and C from reaching VLAN A.All our access layer switches are configured as Layer 3. Is it possible to implem...
I have a LLDP device that I would like to use the LLDP MED attributes of Manufacturer and Model to profile against. When I am in ISE under policy/policy elements/conditions/profiling/profiler conditions and select LLDP, the dropdown only seems to li...
getting error on Cisco catalyst switch WS-C2960X-24PS-L and C2960X-UNIVERSALK9-M version15.2(4)E6 as :000371: Sep 13 19:38:28.109: EPM_PLUGIN_REDIRECT_ERR: ACE item addition onto the interface failed eitherdue to lack of memory, syntax error or the A...
Hi,We want to allow some ReadOnly users to do show running command with nexus switch but not allow them to still make any change configuration. It seems RO users can put some commands but they can't put show run command yet. Following snapshots are o...
Hi,We want to allow some ReadOnly users to do show running command across network device but not allow them to still make any change configuration. It seems RO users can put some commands but they can't put show run command yet. Following snapshots a...
Hello, I've recently created "MAB Client Installation" authorization policy on Cisco ISE. It has three conditions all of which have to be met in order for the policy to match.- Network Access: Netwrok Device Name equals xxxxxxx- Normalised Radius·Rad...
2 ISE deployments with different System certificates.The original deployment was built with System certificate using RootCA Sha1 this has been in place all the way to 2.7.Now the new 3.2 deployment system certificate as a new root and intermediate ce...
Hi Team,What is the best way to allow access to O365 via FTD? Can i use the applications such as office 365 and allow ANY ports will allow access to Office 365 apps? Is it any Security risk? Or any other best way other than this?Regards,Sanjay S
Resolved! Cisco ISE 2.7.0.356 VM EOS Date
Hello All,I currently have a Cisco ISE 2.7.0.356 VM running on a Red Hat Enterprise Linux 7 (64-bit).Would you happen to know the best way to find out the End Of Support date for the VM?Since its a file would it be wise to create a Cisco TAC ticket t...
Hi, i bought a gx50 firewall meraki go plus and when i started working i noticed that it automaticly block sites i need to use for work. They are totally healthy sites. I tried to google but i cant find anywhere how i can add a site to the firewall t...
Hi colleagues, Im trying to find the best way to make an upgrade of my UCS C-220 CIMC (that host an ISE Server). I found two possible ways to make this upgrade: Option 1: Upgrade from .ISO image (currently recommended Fw version) Option 2: Upgra...
Hi all;I have two ISE 3.1 (for HA) with Patch 5 in my production network. Several days ago, I decided to update ISE to Patch 6. So, uploaded the patch file onto the primary ISE internal storage and then through the CLI, updated it successfully. But, ...
