Hello Experts - I have Cisco WS-C2960X-24TS-LL Switches on which I earlier configured the below mentioned Dot1x configuration which was working fine the User was getting authorized and authenticated by the configuration. Now issue is when i configure...
Hi @ciscoCommunity ,I have configure Posture assessment in ISE completely.When I connect my endpoint to switch automatically browser redirected to ISE client provisioning portal when I click on start it is not detecting for anyconnect installation n...
We have a current certificate chain with a root certificate and an intermediate certificate that expires in two months. In our case, we do not use the internal PKI that is built into ISE, but an external PKI where the root and intermediate certificat...
HiCan I do an authorization profile based on what ISE the request hits? In the live logs I see Policy server has the ISE node name and AcsSessionID has the node name at part of that field. I can't see how to use that into in an authorization rule t...
Hi Team @ciscoCommunity @community ,Greetings for the day.I am trying to do posture assessment using cisoc ISE.I have configured client provisioning portal as well. While creating authorization policy in option web redirection Its asking me to Put AC...
Hello guys, I am in a bit of a puzzle, more like Catch 22. I have a very simple ISE 2.1 deployment, two VM servers on same host, same subnet (no firewall in between), running as Primary A/M and Secondary A/M personas on the two nodes. After recent re...
Hi All,I am running two Cisco ISE 2.7 Patch 7 on physical SNS-3515-K9. Doing their expected personas of both being PSN, P MnT, S MnT, P PAN and S PAN and PxGrid. There is also SDA deployment and we have 3 DNAC running 2.2.3.6Every morning I am greete...
Folks, we are trying to search for the correct API's to trigger a CoA with Port Bounce.Here is what we had:https://www.cisco.com/c/en/us/td/docs/security/ise/2-7/api_ref_guide/api_ref_book/ise_api_ref_ch4.htmlHowever, we are having some trouble ident...
HI !We use the ISE2.6 for MAC authentication. It has two ISE server with HA as active standby. If both server shutdown when the ISE not work for MAC authentication. All client is able to access any access point (AP) after ISE server shutdown. Could ...
Hello All! Hope you all are doing ok! Does someone already had to change your tac_plus.conf file to insert the av pair in order to allow tacacs authentication in Cisco ACI ( APIC and switches[Spine/Leaf]) ?I'am trying to edit inserting the av-pair as...
Is possible to customise the email sent to guest prior to their account expiring. At present the email contains the ISE logo. I would like to swap this for my company logo
Hi, I was wondering if there was anyway to create a policy that specifically target Macintosh-Workstation endpoints.My end goal would be that every mac would be challenged with an 802.1x Peap request at connection, rather than just a TLS certificate ...
Hi, I'm having issues getting some IoT devices authenitcating with Cisco ISE. We are running ver 3.1.The supplier says his devices supportTLS_RSA_WITH_AES_256_CBC_SHA256TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256TLS...
HiI am testing a guest portal solution. I have it integrated with my email server but I have to drop off the SSID and onto another to retrieve my credentials. Is there a way where I can register and have a period of internet access where I can retr...
I have started the process of integrating ISE and Tenable to allow ISE to trigger scans on endpoints based on how long its been since the last scan. Now that I have some results I am wondering if I can craft policy sets so that a device is allowed a...
