Network Access Control

Is there a definitive guide for configuring smart card authentication on NX-OS devices that use TACACS+ on ISE? I found this white paper for IOS-XE but NX-OS is significantly different. cisco-2-factor (pragmasys.com)

Hello! The main goal is to export all our sxp connections (some hundreds) for importing them to another deployment by csv.But GUI do not allow to do it. We decided to get all connections by API, but there is a problem too. The API do not return IP ad...

Hi Team, In our Infra devices have been integrated into the Cisco ISE for device Authentication. I need some help with log fetching.Post tacacs authentication only the end-users can do the device configuration changes. Now one of the users had done t...

Hi all! I seem to be missing the option for Health check on my ISE 2.6 server. Usually it's accessible through the GUI, Administration - System - Health check.  But the menu is gone and also the option to do it under the post upgrade review. Any idea...

Hi guys, Dumb question How ISE validates username's password using LDAP server as the external identity store? Got unsecure (TCP/389) LDAP pcap flows between ISE and the server, doing some check and verification.I do see some search requests/response...

Hello Team, I've trying to configure the authentication of users checking multiple policies on the 'Policy Sets' but no success, I mean, I want to know if the ISE is able to follow the next flow: USER -> Policy 1 - NOT FOUND -> Policy 2 - NOT FOUND -...

I've set the posture lease to perform posture assessment every 10 days, also I've set cache last known posture state to 30 daysWhat happens is the any-connect do system scan (Posture) every time users login to their devices or when users switch to wi...

After removing a certificate from ISE, we get a warning that the server needs to be restarted. Check the image.We proved restarting both nodes and "application stop/start ise" and reload via CLI on all nodes. The message doesn't go away.  

We are trying to integrate Cisco Umbrella with QRadar. We almost at the final step but could find the details for Directory prefix . Can someone guide us where to find or how to obtain the details. ThanksWe have configured for the logs to be sending ...

Hi everyone, I installed Cisco Packet Tracer and used as a guest some time. I've used all 3/3 saves. Now I need to save my project, which I started as a guest. I created netcad account, but I don't see the way to save it without reopen it and log in ...

Dear,I am using ISE 2.2.0 to manage authentication to a GUEST wifi.Since a while, users are not automatically prompted to authentication webpage (portal).So, I have to tell each of them to use the tips with 1.1.1.1 to force the display of the authent...

I have a rather large problem that is causing grief with an ISE rollout.The workstations that we have are 99% running windows 7.We have administrators that want to be able to log in via remote desktop when the users aren't present (i.e. after a Wake ...

I have only found couple of similar questions, but it has been a few years since it was asked. We are looking for a way while using ISE to authenticate and authorize network connectivity (specifically VPN) to have a check/rule for users IP address an...

I looked through the list of the HOW-TOs for ISE integrations with various vendors "ISE Security Ecosystem Integration Guides". Many of them seem to be from older versions of ISE <3.0. Is anyone planning to update these for 3.0/3.1 soon? If there are...