Does ISE supports configuration and operational backup restore from 2.6 to 3.2 version?
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
Forum Posts
I have configure a user in privilege level 5 and I want it to be able to write and change ACL's.config :privilege interface level 5 ip access-groupprivilege interface level 5 ipprivilege configure level 5 access-listprivilege configure level 5 ip acc...
Is it possible in ISE to see what was the IP assigned in the past to a particular endpoint/user device (like what was the IP device get then after some time or re-authentication, which IP is used)?And how any days of logs we can get from Cisco ISE?
Resolved! Connect 802.1x Device to Non 802.1x Port
Hi, Is it possible for end-user device which the LAN port has been configured with 802.1x EAP-TLS to connect to non 802.1x switch port (the switch port just configured access vlan only without any 802.1x configuration)? Thanks
Resolved! Cisco ISE AD probe
Hi,I'm trying to profile corporate assets without doing any kind of posturing.Was excited about the Active Directory probe but I've hit some limitations. According to some documts the to trigger the active directory probe, ISE must get the host-name ...
Hi All, We have deployed Cisco ISE 3.0 Patch 7 for one of our customers. We are using Cisco Secure Client (formerly AnyConnect) for posture checking. Cisco Secure Client has been installed on all endpoints via third party tool "Manage Engine Desktop ...
The server team will be replacing the existing AD servers with new ones shortly. The new servers have been added to the network using new hostnames and IPS and will live side by side the old servers until everything else is confirmed OK at which poi...
Dears,if i want to do basic 2 redundant implementation, 2 nodes at HQ (carrying all personas) and 2 nodes at DR (carrying all personas). What's the max active sessions? do I need double license count (one for HQ and one for DR) as the Admin persona a...
Resolved! REST API for DACLs Not Accurate
I don't open TAC cases for REST API issues because I don't have the time. I am just posting to see if this is a known issue on 2.4 patch 6. The current policy export XML file doesn't contain the contents of the DACLs (another issue that should get...
Hi all, I am unable to delete profiler condition, it shows message like this "Unable to delete check. com.cisco.cpm.nsf.api.exceptions.NSFCheckDeletionException: com.cisco.epm.pap.api.exceptions.IntegrityViolationException: Can not delete the rule wi...
Resolved! Force Authenticate/Authorize Endpoints
Hello everyone, I was wondering if there's a way to force authenticate/authorize a specific endpoint (or group of endpoints) using ISE GUI in case of a failure or t-shoot needs. For example, let's say that the CEO's workstation is not passing 802.1x ...
Hiwe have deployed ISE cisco with policy Wired for 802.1X with nam profile, after inject cable computer connect and success in anyconnect, after few second working fine, all trafic in browser internet are reset connection, and local network normaly s...
Customer stated that for ISE 2.2 TACACS when they force the “change password at next login prompt” it only works when admin user connects to a device via telnet, not via SSH. These are local ISE accounts. "The challenge customer is facing today is ...
Resolved! ISE SNMPv3 deleting username design flaw
Hello, All versions of ISE that support SNMPv3 (including ISE 3.1) have an annoying design flaw in the implementation. I can't find a way to delete an existing SNMPv3 username on the CLI. The CLI wants to know the original auth and priv password. I ...
I am doing evaluation for the cisco ISE device admin demo license, but users are able to authenticate properly and hit proper authorization policy but i can't enforce restrictions using command sets in the authorization policy *************my switch ...
