Welcome to the Cisco Community Ask Me Anything EventWe invite you to participate in our upcoming Ask Me Anything (AMA) conversation. Please submit your questions from Thursday, April 23, 2026, through Thursday, May 7, 2026. Our experts Miguel Martine...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
Forum Posts
I have big trouble to implement 802.1x on OSX clients. Are there any suggested "best pratice" ways to do so?As far as I know OSX only supports user based certificates which is one of my biggest problems since we have some workstations which are share...
Hi Experts,I am trying to configure downloadable-acl (or dynamic-acl dacl) under authorization profile.Under 'authorization->downloadable acls' i have created a dacl with 'permit ip any any' in the name of 'dacl1'.Then under 'policy -> results -> aut...
Resolved! ISE and LDAP configuration
Hello,we have integrated a WLC with an ISE for a customer.The customer has an AD configured with LDAP and Kerberos.Our goal is to have a SSID dedicated to employees, but when the pc clients connect to the SSID they present themselves with MAC address...
Resolved! Cisco ISE - AD Domain Errors
Hi All, Getting some errors in ISE and not sure what the root cause is:ISE_AD_Connector 0000134298 1 0 2022-02-27 14:27:27.753 +00:00 0013036049 25010 ERROR AD-Connector: Trusted domains discovery failed, AD-Domain=XXXXX.LOCAL, AD-Error-Details=The m...
Hi, since passes/failed authentications are not vissible anymore due to lack of flash player support, I am looking for the CLI command to view passed or failed authentications in a friendly way...Can anyone help? Best regards, Peter
Hi, We are looking for dual-factor authentication for office Wi-fi. Currently, we have single-factor authentication using Certificates.How can we implement dual-factor using Certificate and OTP using External Radius server?
Resolved! Cisco ISE compatibility 2.4 patch 9
Hey all, Quick question. Regarding Cisco ISE compatibility which source of truth do you believe? Let's say for instance for ISE 2.4 patch 9. I refer to this document: https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/compatibility/b_ise_sdt_24.h...
We have configured 802.1x wired settings using EAP on AD using group policy and pushed to AD joined clients. On the client pcs, the EAP MSCHAPv2 Properties dialog box is unchecked when connecting and this is same on other pcs though a few have it che...
Dear Colleagues, I learned yesterday that our Terminal Services agent actually CAN put 'IP:port«»user' mapping data into pxGrid and WSA 11.8 is going to be able to read and use that data along AD group info taken through pxGrid 2.0. At least as far a...
Resolved! CIsco C3850 + ISE reauthentication
I neew switch to send authetication link to host , so i can check is there antivirus and any connect on hostSo every thing working fine even fater connection user gets special vlan, then switch gets link ( i can see it in session infprmation) but thi...
How do I correct this health check failure? I am looking to install patch 5. Cisco ISEVersion 3.0.0.458Installed Patches 2,4Product Identifier (PID) SNS-3655-K9 I/O Bandwidth Performance Check 0/10One(or more) failures have occured. "onFailure": "wa...
I am facing a weird issue with one my ASA which is integrated with Cisco ISE.. randomly it stops communicating with ISE and falls back to local user database for logins.. at that time there are no logs in cisco ISE which suggests that ASA is not tryi...
Resolved! cisco ise license
Hi,I want to assign VLAN based on the vendor, for example, if the device is apple, need to assign VLAN 10 What type of license I require.? Also, it is possible to assign a vlan based on the mac address? . And if yes what type of license require ...
Hello Having some issues with ISE 3.1 ZTP install when trying to add the ise_config.img as a 2nd CDROM into the VM config. Anyone got that working? I get an error below that the file doesn't exist. Seems VMWare only allows to specify .iso files v...
Hi all;I want to create a authorization policy that include EAP-FAST as a Network Access: EapAuthentication condition. Please look at the following figure: Is it possible to add EAP-FAST here as a selection option?Thanks
