Hi all!I am getting a lot of "Misconfigured Network Device Detected" alarms from one of my newly added device in ISE. I know that this usually means either misconfigured secret key and deleting and adding device and key on device side is solving the ...
IS there any way to make ISE and CPI turned on automatically after power cut ?!
Hello, We have a PSN node in our DMZ that acts as a guest portal for our guest SSID.I've had reports that when users enter their U&P to the portal it wont connect to the internet i.e. it wont drop the ACL. I've checked the radius logs and can see the...
We want to schedule an automatic rebuild of a Cisco ISE device with an import backup file. everything works except the join domain for which it is necessary to connect in GUI.Is there any other way to do it? CLI, API or others?
Hi All, Just want to confirm if you enable the MAR cache distribution, will it require the ISE services to restart?How to have visibility of two server that MAR distribution are done? anyway to confirm? We have two server PRIM and SEC. our current ve...
Hello, I hope you have seen this behavior, if not, please share your ideas. we have a deployment of one PAN and 6 PSN nodes across multiples regions in the world. Background: Each location has its own WLC 8500 series and we have a ISE 2.0. Each WL...
Hello, we are currently in the migration phase to a catalyst 9800 wlc. I am currently working on the tacacs configuration and I making no progress with setting up the lobby admins tacacs profile. With the old airos wlc you could simply select "Lobby...
Hello When I use windows 10 client to contect with a wifi,I'm doing the same thing as in the old version. But Network Setup Assistant crashed during install and installation failed. I attached failure message screenshot. I check in this Windows cert...
Hi team,let's assume I have multiple campus networks with tons of access and distribution switches.I want to use SGT for different reasons. The SGT classification happens at the access layer via MAB or 802.1X (basically in ISE authoriization results)...
Hi,A 802.1x port on a switch will grant a hub access if there is a 802.1x PC connected to the hub.Non-802.1x pc's can access the 802.1x network if they connect to the hub and spoof the mac-address of the 802.1x PC (switch port uses single-host mode)....
Hi,I would like to put two non-dot1x endpoints of same type/model of hardware from the same manufacturer, in different VLANs. I would like to use profiling condition/policy and then call it in Authorization rule for VLAN assignment. Can someone sugge...
Hi, I have a four node ISE cluster that one of the EAP certificates has expired. A new certificate has ben issued with the same subject as the exiting one. I am prompted that I can only have two certificates with the same subject when I am replacin...
Hi,I'm just quickly playing around with SGT assignment via the Cisco ISE.The plan is quite simple. There's no SXP protocol at all in the network. I'm just having an access layer and assign a SGT within authorization. I needed to create a SXP dummy de...
Hi,We are working on PoC for a customer to get order for ISE.Customer has IBM BIGFIX for patch management and endpoint management for maintaining different agents.ISE supports IBM BIGFIX for posture compliance perspective.Does it support auto remedia...
Hi, I'm trying together with a DUO engineer to find a solution to create a TACACS policy in ISE where the authentication is done through a proxy-radius, while the authorization is still defined in (and returned by) ISE. The ultimate goal obviously...
