Hello,We have configured AAA authentication on our routers with RADIUS server authentication. As a backup option a local user and enable secret password has been configured.So far RADIUS server is working fine so there was case to test the locally c...
I have a two-node VM ISE deployment on version 2.7.0.356 that is running into IO read / write issues and need to move them to different hardware. I have two new BE7M-M5-K9 servers with enough available resources. Can I do a cold migration from the IS...
I want to test passive ID with AD integration, not WMI, and I am reviewing this document:https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/pic_admin_guide/PIC_admin/PIC_admin_chapter_01000.html#task_784A7F6991594B11B1BAD206FDCD249BI’m asking abo...
Hi,I have the following situation currently running a 2 node ISE cluster version 2.6. The hardware needs to be replaced by virtual appliance and would like to upgrade to version 3.1 in the mean time. I would also like to maintain current IP's.What ...
- FYI : https://www.cisco.com/c/en/us/support/docs/field-notices/724/fn72427.html M.
Hi all,i'm dealing with a strange behaviour for profiling (with device-sensor) in ISE 2.7. Cisco config for LLDP filter list is shown below:device-sensor filter-list lldp list LLDP_LIST tlv name port-id tlv name system-name tlv name system-descrip...
Before I ask questions I would like to give some background on why I am asking. My company is currently using Cisco ACS to access our network equipment via tacacs+ and radius. We use Cisco for pretty much everything but we do have quite a few HP swit...
HelloI configured 802.1X VLAN Assignment but after login still can't accessSwitch Configuration:aaa new-modelradius-server host 10.13.0.253 auth-port 1645 acct-port 1646 key 7 0803488D0A28244541aaa authentication dot1x default group radiusdot1x syste...
Hello,I´m trying to configure ldap authentication for a switch Cisco Catalyst but I got LDAP: LDAP doesn't support interactive login although the local test using test aaa authentication group has been successful. Have any of you been capable of conf...
Hi i have a problem with the integration ISE and stealthwatch Pxgrid. The integration is fine but the final status in ISE client is (offline XMPP). Stealthwatch dont show the username only show the IP address (integration Stealthwatch with Active Dir...
We found this thread: https://community.cisco.com/t5/network-access-control/ise-operational-backup-content/td-p/4184440 where it indicates that the Operational Data Backup contained basically RADIUS and TACACS logs.We log most RADIUS and TACACS data...
Is there a way to have the ISE admin and TACACS admin accounts be the same name? ie: For ISE admin under "administration/system/admin access" have "bill.smith.admin". And under the "work centers/device administration/Identities" have the same acco...
Hello all,Is it possible to use the certificate "Issuer" value for profiling?On the endpoints Attribute page, I see the following fields:IssuerCN=ExampleIssuingCA\,DC=example\,DC=localIssuer - Common NameExampleIssuingCAIssuer - Domain Componentexamp...
Hello Experts,I have a catalyst switch connected to cisco ISE, the ssh session ends after 15 min and we should log in by ssh again,note that we tried to change the session-time under line vty but it does not work, it seems something must be changed i...
ISE can resolved the URL well ,but I just keep getting this error message Can somebody help me to fix this issue ?
