Network Access Control

Is it possible to get the CPU and Memory utilization of all ISE nodes in deployment with the help of API such as ERS or monitoring API?

Hi All,  I am trying to find following information and so far didn't find anything in the documentation.Any pointer you can provide will be apprecaited On which node passiveID service needs to be activated i.e. PSN or PAN ? If we have distributed clu...

Hi All,I have found that currently vMotion is stated in the config guide as being supported. Is that correct? In a previous post that was closed I could read that this was not supported yet.http://www.cisco.com/c/en/us/td/docs/security/ise/2-1/instal...

As per the document to configure SNMP traps, port 161 should be open in ISE.When checked with show ports | in 161, there were no output for the admin node.How to open this 161 port for SNMP configuration?

I have a Catalyst 9300 configured with 802.1X with ports in multi-auth mode.  Corporate laptops use 802.1X to authenticate to the corporate network and BYOD devices use MAB/CWA to authenticate to a BYOD network.  The issue I have is when a Mitel phon...

I would like to request that when we export the Endpoints from Context Visibility in ISE, it uses our Field order from the web page the user is logged in as...  If this is too hard, then just re-organize the database Schema to be in a more logical or...

Hi All,I have a question around profiling and wirelessMAB. I have a device that I want to allow on the wireless based on profile. I see that when device tries to connect to the wireless it is getting profiled correctly. I have then created a policy s...

Hi Just migrating from 2.2 to 2.7 by building new nodes and importing. Currently got 1 PAN up and 2 PSN, the rest to followThe PSNs have the ISE Messaging Service but the PAN is not displaying it.Gone to regenerate the root Cert but the option is not...

Good day,Apart from ISE taking care of endpoint security, can it be used by any means to secure switch uplink ports or ports where servers may be connected. Thank you. 

Hi - I have a question around wired dot1x monitor mode and ISE. If I was to enable monitor mode on a switch, is it possible to generate a report in ISE (if yes, how?) that tells me which users/clients have failed the dot1x authentication? This is to ...

Hello, I have an ISE 3.0 and I would like to give access to "Import endpoints from CSV file" in Identities/endpoint to ISE administrators, I already gave access to logs and import menu, but when I click to test it tells me I don't have the rights. Th...

My Cisco ISE 3.0 patch 3 on SNS-3655 is making outbound https to the following sites: 173.37.145.8 --> tools2.cisco.com34.216.127.109 --> ec2-34-216-127-109.us-west-2.compute.amazonaws.com.35.83.205.101 --> ec2-35-83-205-101.us-west-2.compute.amazona...

Hi,I have set up filter for the inbound interface on the wan part.I permit www and 443 traffic from any to a specific host (2A01:XXXX:XXXX:C884:8000::1).I get the following error on the browser:<html><head><title>Service Unavailable</title></head> <b...

What is the best method for deploying EAP certificates within a multi-node deployment where users will roam between sites? Each site has an ISE PSN and the Admin and MGMT nodes are in a DC.The root CA of the certs that are presented to clients during...

Hello, I have ISE version 2.2.0.470 with a hung backup.From the CLI how can I cancel the backup job, using the least intrusive method possible? I want to avoid a reload if possible.  Configuration backup status%% ----------------------------% backup ...