Resolved! SAML Sign-on for Cisco Software Portal?
Does anyone know of a way to integrate the Cisco Software Portal sign-in with Microsoft Azure AD such that we can use our Azure AD Creds to authenicate to cisco.com?
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
Forum Posts
Resolved! ACL and Firewall Rules
In terms of security, what is the best way to help harden a network regarding Firewall Policies and ACLs on switches?For example, lets say I create a rule on the firewall to block 192.168.1.0/24 from talking to 192.168.2.0/24. Should I also create an...
Hello all,Not sure if this is the right forum or if I should post to the Switching forum, but I'll start here. : )We're starting to implement NAC in Monitor Mode on several of our switches, and we have a fairly mature ISE instance. We have someone el...
We are in the process of moving from ISE 2.7 to ISE 3.2 and I am having real difficulty with the new user interface, specifically when selecting authorization policy results.The ISE 2.7 UI is perfectly clear and usable but the ISE 3.2 one is extremel...
Resolved! Disable guest and sponsor portal on ISE
Hi, Is there a way to disable default guest and sponsor portal ? I am running nmap scan on ISE and port 8443 and 9002 corresponding to guest and sponsor portal are open. I don't have guest use case so I am looking to close them but don't see an opt...
Hello, Has anyone deployed a Guest Portal 'exposed' via the Internet to cater for SD-WAN Local Breakout Guests? A second Interface (or another) is assigned to provide the Guest Captive Web Portal. The primary interface is reserved for the Management ...
Resolved! Cisco ISE RHEL WS authentication failed.
We have RHEL8 Workstations in our environment that are failing dot1x authentication using EAP-TLS. We are attempting to perform cert based dot1x authentication but getting no help from Red Hat at all. Linux machine is configured with EAP-TLS with no ...
Resolved! Cisco ISE 3.2 and Axonius PxGrid 2.0
We recently upgraded our ISE deployment from version 2.7 to 3.2 which came along with a PxGrid change from version 1.0 to 2.0.We have Axonius using PxGrid which worked when we were on ISE 2.7, but it doesn't want to work with ISE 3.2. I know PxGrid 2...
How does the guest wireless login doesn’t expire for 30 days when we use AD credentials to log in?
Our Cisco ISE environment has recently encountered issues when attempting to create configuration backups. When we try to create a backup of the configuration, we receive error messages (Backup Failed: Server=SL-PAN01; Message=ISE INDEXING ENGINE BAC...
Hi, all. We are having a little trouble using the correct operand in an authorization condition, here is what we are trying to accomplish: In our 802.1x environment, ISE is profiling all devices, including the printers. Up untill now, all printers (d...
Resolved! ISE 2.7 Radius suppression and CTS
Hi all!We're using Cisco Trustsec in our Branch Office and currently investigating an interesting issue - it looks like Radius Suppression does not work for endpoints connected to NADs onboarded for CTS.As a result we see all of the failed attempts (...
Resolved! ISE 3.2 patch 4 installation failing
hi everyone, I successfully deployed a VMware VM running 3.2 with RHEL 8 / ESXi 7.x and was able to install with no issues patch 2 and 3 on this version. However, I cannot install patch 4 no matter what. I verified the CHECKSUM of the file downloaded...
Hi, We are having ISE 2.7 patch 9 and it is used for for endpoint posturing. For unknown clients posture reduction we have enabled the http and https redirection on cisco NAD switches. But now we have reported http and https vulnerability from our SO...
