What is considered a healthy ISE authentication latency? And what is considered to be too high? I have not found anything published on this but am curious of other's thoughts. Thanks in advance.
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Forum Posts
Resolved! How is posture reassessment triggered
I am trying to understand what triggers posture reassessment, in my lab I tested refreshing GPO with gpupdate /force command and the anyconnect system scan restarted, this was reproduced on some computers but not all, I wonder what triggers this and ...
Resolved! ISE and CRL Verification
Hi team,How can I verify that the CRL is actually downloaded in ISE, and it's being used.I don't have the option to test with an endpoint that it's computer certificate is revoked. Thank you,M.G.
Hello Guys, We have 2 ISE Nodes with 3.0 and we have installed Patch 4 in the ISE deployment due to a bug behavior. Patch installation was successful , but secondary node not joining to the deployment. Not sync is the error. We have done the deregis...
I have big trouble to implement 802.1x on OSX clients. Are there any suggested "best pratice" ways to do so?As far as I know OSX only supports user based certificates which is one of my biggest problems since we have some workstations which are share...
Hi Experts,I am trying to configure downloadable-acl (or dynamic-acl dacl) under authorization profile.Under 'authorization->downloadable acls' i have created a dacl with 'permit ip any any' in the name of 'dacl1'.Then under 'policy -> results -> aut...
Resolved! ISE and LDAP configuration
Hello,we have integrated a WLC with an ISE for a customer.The customer has an AD configured with LDAP and Kerberos.Our goal is to have a SSID dedicated to employees, but when the pc clients connect to the SSID they present themselves with MAC address...
Resolved! Cisco ISE - AD Domain Errors
Hi All, Getting some errors in ISE and not sure what the root cause is:ISE_AD_Connector 0000134298 1 0 2022-02-27 14:27:27.753 +00:00 0013036049 25010 ERROR AD-Connector: Trusted domains discovery failed, AD-Domain=XXXXX.LOCAL, AD-Error-Details=The m...
Hi, since passes/failed authentications are not vissible anymore due to lack of flash player support, I am looking for the CLI command to view passed or failed authentications in a friendly way...Can anyone help? Best regards, Peter
Hi, We are looking for dual-factor authentication for office Wi-fi. Currently, we have single-factor authentication using Certificates.How can we implement dual-factor using Certificate and OTP using External Radius server?
Resolved! Cisco ISE compatibility 2.4 patch 9
Hey all, Quick question. Regarding Cisco ISE compatibility which source of truth do you believe? Let's say for instance for ISE 2.4 patch 9. I refer to this document: https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/compatibility/b_ise_sdt_24.h...
We have configured 802.1x wired settings using EAP on AD using group policy and pushed to AD joined clients. On the client pcs, the EAP MSCHAPv2 Properties dialog box is unchecked when connecting and this is same on other pcs though a few have it che...
Dear Colleagues, I learned yesterday that our Terminal Services agent actually CAN put 'IP:port«»user' mapping data into pxGrid and WSA 11.8 is going to be able to read and use that data along AD group info taken through pxGrid 2.0. At least as far a...
Resolved! CIsco C3850 + ISE reauthentication
I neew switch to send authetication link to host , so i can check is there antivirus and any connect on hostSo every thing working fine even fater connection user gets special vlan, then switch gets link ( i can see it in session infprmation) but thi...
How do I correct this health check failure? I am looking to install patch 5. Cisco ISEVersion 3.0.0.458Installed Patches 2,4Product Identifier (PID) SNS-3655-K9 I/O Bandwidth Performance Check 0/10One(or more) failures have occured. "onFailure": "wa...
