Network Access Control

So upgraded to 2.7 from 2.4.   Guest portal and redirection not working now.Just allows internet access without pop up page.When I run the Portal test URL this fails.The bind is correct to Gi1 but if I change it to Gi0 the test page works but this is...

Hi all!  I got a fun one today   I was updating our ISE cluster with two admin nodes and two PSN nodes. The primary admin node and one of the PSN nodes was updated from 2.4 to 2.7.9.356 but the update halted when the remaining PSN node had low disk s...

I am testing wired port authentication using MAB with the IBNS 2.0 method. Everything is working as expected. However, I want to create a policy that authorizes voice devices immediately.I tried the following config, but the switch still tries to aut...

Hello All, Our client has multiple large deployments with 25-40 nodes in each cluster. These are all physical boxes. Some are SNS 3595 and some are the newer 3695. We monitor these servers using syslog and SNMP on splunk and NNMi. Currently we monito...

Hi friends, I created a new user going through the TUFFIN system in ISE with privilege of 3, in addition I limited the user to specific commands through the COMMAND SET.But it does not work, when I check in the logs  I see that the request goes to SH...

Hi all - I've been going through the reports in ISE but having a hard time finding one that shows where all the base licenses are being consumed.  Is it in the active sessions or should I be pulling he RADIUS accounting reports and filtering them?  I...

I have a basic question about ISE sizing. We bought it and plan to use it only for Tacacs authentication (no NAC). We will have around 150 switches requiring authentication.Do you think we can do this with the “small” OVA (Virtual SNS-3515 OVA - ISE-...

I am sending CDP attributes to ISE during endpoint authentication. I am struggling to use these attributes in an authorization policy. I want a policy that matches if cdpCachePlatform contains 'Phone'. So far, the policy does not match.This is the po...

Hi,Platform: Cisco ISE 3.0When adding custom html using the Page Portal Customization, I have added the external image/video URL in the HTML source code in Instructional Text, Optional Content 1 or Optional Content 2 section, the image/video does not...

I have a ISE 3.1 spun up in a lab and I am looking at the portal customisation. The documentation states it needs to be enabled.Enable Advanced Portal CustomizationCisco ISE allows you to customize the content that displays on your end-user portals. ...

Android OS v12 BYOD process not working with ISE version 2.6 patch 10  but working for android OS lower than v12 ! why? any idea why?

Hi,We are integrating a solution for integrity check, which will SSH to the devices and run the "show running-config" or any command that displays the configuration. The ISE CLI user "read-only" does not have the privilege to run the "show running-co...

Hi all, hope to find everyone wellI found a topic from 2014 about this subject that stated that 802.1X couldn't be applied in trunk links, but I've read as well in a Cisco article that 802.1X could be applied in trunk links. Is this true?I asked this...