Hello, Can someone give the steps to enable ssh access in cisco ACS. I am the administrator for cisco acs and I can login into the gui without any issues but when I login via ssh it says access denied. Cisco Secure ACS Version : 5.6.0.22.2 Thank yo...
I have turned on the aaa command authorization without applying adequate privileges to the user. I can now login through that user but the ASA 5510 displays an error :============================EUKFW2# show running-config ^ERROR: % Inva...
Hello experts, I have a question about ACL.I have configured the first requirement like below on both R1 and R2.!access-list 101 deny tcp 192.168.2.0 0.0.0.255 host 192.168.1.3 eq www! Though it works, I found that my PC in 192.168.3.0 network could ...
I have tried to integrate ISE with Azure using SAML. Currently, I have only the Base licence.When I am trying to create the new Service Provider Info. we called the IDP in My Devices portal. At that time its showing License warning.Because we don't h...
Hi We have a ISE 2.6 with 802.1x in a few site and now we want apply 802.1x wired in all our sites. Some small site have a Cisco 29XX with a EHWIC-D-8ESG-P and I have some doubts about the comtibility with Cisco ISE 2.6. The ISR29XX is marked as comp...
ISE Version : 2.2.0.470 - Win-server 2012 R2 64bit Domain : lab.localand the connectivity is perfect and both is reachable !! Hello all im facing trouble with ise 2.2 integrating with server to join in domain this issue is drive me insane i had try...
Hi,I have the following issue:Several hosts on a specific VLAN cannot reach a VNC server which is located in the same VLAN. All the ports are running 802.1X and hosts are authenticated based on certificate.The hosts that have the issue are always aut...
Has anyone tested or confirm whether Anyconnect NAM and Windows Native Supplicant can run in parallel on a machine? We have some users part of two organisations that use two separate ISE instances. Typical Org A users have NAM on their machines. Typi...
Hello,i just have one question my custumer haves 300 devices authenticating on a ACS with TACACS so what should i buy to meet this requirement?from what i understand i only need the following: R-ISE-VMS-K9=Cisco ISE Virtual Machine SmallL-ISE-BSE-PLI...
Hi, I want to upgrade an ISE deployment from 2.0 to 2.6 but the deployment is using a L-ISE-BSE-1500 legacy license. Is it possible to do the upgrade with the current legacy base license? if not what needs to be done? Any comments are really appre...
Hi all,Our current deployment: We currently authenticate our AnyConenct users using ISE local accounts via RADIUS. My question: Is it possible to use SSO integration on the ISE for anyconnect authentication? The deployment would ideally look like thi...
Hi,I currently use Anyconnect VPN to connect via our ASA's. Auth is via ISE to our on prem AD and a cloud based RSA provider for 2FA.As the company is moving to Office 365 replacing the costly 2FA service with, the already paid for, Azure MFA is des...
Hello , is there a way to create a policy based on DestinationPort radius attribute ? (1812 or 1645) Thanks in advanced . Spyros
Hi Experts,I got these commands from Cisco documents to deploy AnyConnect silently to a bunch of PC as part of migration project. This is make sure that there is really no user interaction when this AnyConnect push is happening.Commands: msiexec /pac...
I have a Meraki WAP that is generating alarms in ISE for COA Failure and the event is 5417 Dynamic Authorization Failed. The Access Point is connected to a Catalyst 3850 running IOS-XE 16.6.4a and we are running version 2.6.0.156 Patch 3 of ISE. The ...
