Hi,I’m trying to integrate Cisco ISE and AD.I’ve successfully joined ISE with AD and the status is operational.The problem is when I tried to retrieve group from AD, only group that are part of Buildin OU and Users OU are shown in the lists.We’ve cre...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Forum Posts
Hi All,I would like to understand if virtual machine hosted on cloud (Azure, AWS etc) can authenticate through Dot1X or MAB by on premise Cisco ISE?Thank You.
Hi, We have a two-mode ISE 2.7 Patch6 deployed.Recently we rolled out 802.1X to all our customers Windows10 laptops and desktops with EAP-TLS. The majority (98%) of the users can login to the network without any issues. Some users get this error mess...
Resolved! Cisco ISE On-premise - Azure HA
Hi Does anyone know whether it is possible to build an HA deployment for ISE between an on-premise ISE server and ISE deployed on Azure? I haven't found documentation related to this. A customer wants to deploy ISE on Azure, but they are consulting a...
Resolved! ISE AD Lookup fails
I have a problem with an AD lookup which is driving me nuts.We are using maschine certificates for authentication and AD-groups for authorization policies.We don't have any problems with Windows devices.Now we are trying to include an Apple OS X devi...
Resolved! Sponsor portal FQDN
HiI have a guest wireless solution where clients that authenticate to any one of 2 ISE's in a deployment get redirected to the same ISE for the Guest portal but on different URLs.So for ISE-1 I put a host entry on its CLI pointing to guest-1-mycompan...
Hello guys, i deployed a new node on my ise environment and i'm trying to import the ca key pairs from my repository via cli but i receive this error: "Certificate files import from Repo failed, please verify repository settings" this is very s...
Resolved! ISE 2.3 Context Visibility issue.
I have a Cisco ISE 2.3 with no patch installed. Recently when I open the context visibility tab it gives me an error msg... "Unable to load Context Visibility page. Ensure that reverse DNS lookup is configured for all Cisco ISE nodes in your distribu...
Hello Guys,I need a help is configuring posturing for mac os systems based on file condition. I didn t find any document for this. We already have posturing working fine for windows based system.The auto deployment of clients/ client provisioning mus...
Resolved! Feed services certificate expiring
Hi Experts,Running ISE 2.7 patch 7.The following notification was recieved that the feed services certfiicate will expired in another 7 days time. How is this certificate renewed or is this certificate even required.The downloads section list that t...
Hi I have a question around compatibility between UniFi Wireless LAN controllers/WAPs and ISE guest portal.I believe UniFi controller should understand and use RADIUS vendor-specific attributes below to redirect wireless guest clients to the ISE gues...
Hi Experts,We are in the process of joining a crashed back to AD.Issue:AD user has certain rights removed due to security concerns.It was later determined that this user will need to have domain admin rights to be able to join AD.AD team has a concer...
Hi, I need to clarify somrthinh with SGT Policies.We have a SD-Access network, with 4 ISE (2 PAN/MNT and 2 PSN) and DNAC.SGT and Policies are configured in DNAC and then Pushed to ISE. From what I can see the switches look to have the SGT policies bu...
Resolved! Question about CoA
I've read through the great design guide on ISE profiling and have a question about CoA based on what I have observed with my deployment. I have a policy set with authorization rules that do not reference any profiles. I can see clients that match th...
We are currently using RADIUS for aaa authentication and authorization for both 802.1x as well as, logon to network devices. We need to implement a 2 factor authentication solution for logging into network devices. Is there guidance published to impl...
