Hi,I was using a CA signed wildcard certificate for the Admin portal of Cisco ISE. it was succesfully installed but when i browse to the admin portal it shows not secure certificate is not valid. i stil can see the wildcard certificate in the certifi...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Forum Posts
Resolved! trace route to ISE interface
Hi there,I am attempting to do a trace route from a switch to an interface I have on a my ISE server however it is getting blocked. Does ISE (v2.6.0.156) have some sort of firewall that could be blocking the trace attempt? Thanks!
Team, below is my current deployment: ISE1 : Admin and MnT personas SEC(A), PRI(M)ISE2 : Admin and MnT personas PRI(A), SEC(M)2 PSNs. In preparation of ISE upgrade from 2.3 to 2.7, I would like to promote ISE1 primary, ISE2 Secondary in order to star...
Good day, I'm trying to use a Cisco ISE for a Radius server using AD with checkpoint VPN, yes, it sound confusing, I Know. We use checkpoint for our client to site VPN connections and we tried to integrate it with our AD server but for extern...
Hi,A customer have an ise 3.1 deployment with some captive portals enabled. We see different license consumption from different places.In ISE we get a big ammount of licenses consumption, >1000 essential licenses. In Smart Account we get only 156.In ...
Something I have learned this week the hard way:Don't install Cisco ISE patches using the web UI and login the same time with SSH for checking patching progress. It prevents the node from booting.Very odd that the upgrade procedure via web UI has all...
Hi friendsrecently we upgraded the ISE system from 2.4 to 3.0. since then we get this error message.Alarm Name :Active Directory diagnostic tool found issues Details : ACTIVE_DIRECTORY_DIAGNOSTIC_TOOL_ISSUES_FOUND need to completeDescription :One or...
Resolved! ISE 2.7 API Endpoint Update Time
Hi all,I am writing a script that gathers endpoint details from ISE to work with further on. Using the monitoring API I can get all active info about an endpoint, using ERS API I can get some static info. Now, when you export all endpoints, you also ...
Hi everyone,short version: anyone knows which value ISE searches in AD when, through a Certificate Authentication Profile, ISE verifies the values "Subject - Common Name" or "Subject Alternative Name" found in the certificate (Certificate Authenticat...
Resolved! cisco ISE
How can I order Cisco ISE for a new deployment on the cisco SNS? I tried to find the base lic( L-ISE-BSE-250=) and the replacement L-ISE-BSE-PLIC but didn't find it, so please, any advice about the new part number?
We are planning the install of a new ISE 3.1 deployment and I have been asked to evaluate the pros and cons of installing the required SNS-3695 appliances within our data centre and physically connecting to our ACI fabric production tenant.I have rev...
HiLast year upgraded our deployment from 6 PSN on 2.2 to 4 PSN on 2.7, this was due to 2 PSN being hardware and couldn't upgrade.1 of the 2 PSN on 2.2 I turned in PAN, so could be used as a LAB. Enable them yesterday to test a feature but noticed th...
Hi All I m setting a new Network for one of our remote sites and looking to add some Meraki access points for Wifi connectivity . These were initially used for a different site and getting re purposed for the new place . The APs are being managed th...
Resolved! Authenticate on UPN and or SAM Logon
HiISE 2.7, patch 7So using Intune for BYOD, some users are having issues connecting, The UPN and SAM name doesn't match, so need to add userprincipalname to the attributes.My manager is very risk oversee, so just want to check that there is no issue...
When the iOS devices (iPhone, iPad) downloading a profile using native supplicant. After downloading profile, iphone or ipad do not automatically selects TLS on the SSID. it reconnects with PEAP. it needs "forget the network" and reconnect again wi...
