Hi All,I would like to understand if virtual machine hosted on cloud (Azure, AWS etc) can authenticate through Dot1X or MAB by on premise Cisco ISE?Thank You.
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
Forum Posts
Resolved! Cisco ISE On-premise - Azure HA
Hi Does anyone know whether it is possible to build an HA deployment for ISE between an on-premise ISE server and ISE deployed on Azure? I haven't found documentation related to this. A customer wants to deploy ISE on Azure, but they are consulting a...
Resolved! ISE AD Lookup fails
I have a problem with an AD lookup which is driving me nuts.We are using maschine certificates for authentication and AD-groups for authorization policies.We don't have any problems with Windows devices.Now we are trying to include an Apple OS X devi...
Resolved! Sponsor portal FQDN
HiI have a guest wireless solution where clients that authenticate to any one of 2 ISE's in a deployment get redirected to the same ISE for the Guest portal but on different URLs.So for ISE-1 I put a host entry on its CLI pointing to guest-1-mycompan...
Hello guys, i deployed a new node on my ise environment and i'm trying to import the ca key pairs from my repository via cli but i receive this error: "Certificate files import from Repo failed, please verify repository settings" this is very s...
Resolved! ISE 2.3 Context Visibility issue.
I have a Cisco ISE 2.3 with no patch installed. Recently when I open the context visibility tab it gives me an error msg... "Unable to load Context Visibility page. Ensure that reverse DNS lookup is configured for all Cisco ISE nodes in your distribu...
Hello Guys,I need a help is configuring posturing for mac os systems based on file condition. I didn t find any document for this. We already have posturing working fine for windows based system.The auto deployment of clients/ client provisioning mus...
Resolved! Feed services certificate expiring
Hi Experts,Running ISE 2.7 patch 7.The following notification was recieved that the feed services certfiicate will expired in another 7 days time. How is this certificate renewed or is this certificate even required.The downloads section list that th...
Hi I have a question around compatibility between UniFi Wireless LAN controllers/WAPs and ISE guest portal.I believe UniFi controller should understand and use RADIUS vendor-specific attributes below to redirect wireless guest clients to the ISE gues...
Hi Experts,We are in the process of joining a crashed back to AD.Issue:AD user has certain rights removed due to security concerns.It was later determined that this user will need to have domain admin rights to be able to join AD.AD team has a concer...
Hi, I need to clarify somrthinh with SGT Policies.We have a SD-Access network, with 4 ISE (2 PAN/MNT and 2 PSN) and DNAC.SGT and Policies are configured in DNAC and then Pushed to ISE. From what I can see the switches look to have the SGT policies bu...
Resolved! Question about CoA
I've read through the great design guide on ISE profiling and have a question about CoA based on what I have observed with my deployment. I have a policy set with authorization rules that do not reference any profiles. I can see clients that match th...
We are currently using RADIUS for aaa authentication and authorization for both 802.1x as well as, logon to network devices. We need to implement a 2 factor authentication solution for logging into network devices. Is there guidance published to impl...
Resolved! TACACS via vrf
Hello everyonethey asked me to configure access to the ASR devices via tacacs + via VRF, while if I log in via IP in global i have to use local credentials.Do you think it is possible?
Hi,I want your help about a domain change in my company, which will affect Cisco ISEWe have already register our Cisco ISE VM's with an FQDN which includes the legacy domain of my company.Our case is that we want to change from ise1.xxx.gr to ise1.yy...
