I've seen some cases where one of our users gets authenticated correctly via dot1x and the user's identity displays fine, but then 30 seconds later, reauthenticates via MAB and user's identity is replaced by his MAC address. Then, 30 seconds later it...
Hello, I've got the task to export logon event logs from a CDA server. The log must contain information about the users and their attempts to connect to the domain network via Cisco AnyConnect. No syslog server is in place.Current scheme of NAC: Cisc...
hi folks, I have a 2-node-deployment (taken over from an other service provider) running on version 2.4 P9Configured is a SFTP-repository which user's password has been changed ~2 months ago.I updated the passwd in GUI, so i gets replicated.Now we no...
Hi all, Just wanted to verify for how long ISE 2.6/2.7 would be supported on SNS 35x5 appliances? Both 2.6 and 2.7 will be supported for another few years but SNS 35x5 appliances have an end of life note and it states the following:as listed in https...
Hello Team, Need your help. Unable to access Sponsor portal with LDAP credentials.configuration is correct. sponsor portal is working for AD & internal users but not for LDAP users Can anyone please help ?? Thanks in advanced.
Hi,This is the return of our long usage of ISE and MAB for IoT/OT devices on segmented networks. All our "important" devices as company desktops and such are EAP/TLS auth.We have for a few years used an external LDAP cluster for MAB auth, and are now...
Hi, i want to filter out all commands containing "MGMT" on my ASA.But it doesn't work for me, it looks like my regex argument isn't being activated.The command portion seems to work if i test with fixed arguments. I use the following statement: Grant...
Is there a way to clone a Policy Set within ISE 2.6? What I'd like to do is clone a policy set and deploy it again to a different set of Device Types.
Hello,Does anyone have an example of a Cisco ISE syslog for this event? I have the description of what this would look like but I need to know what the <log details> looks like. Message Code: 87004Severity: NOTICEMessage Text: Posture service receive...
Under a certain block of end points with ISE, we currently have Static Group Assignment checked and a specific Identity group assignment set for a large block of devices withing our ISE environment. High School Chromebooks that have not had much acti...
Just wondering if there is a way to accomplish what I'm trying to do with ISE/FTD in a way that is mostly seamless for the end user. We are trying to assign different VPN group policies to clients once they connect to VPN based on whether they are en...
Hello, I am integrating Cisco ISE with Microsoft AD and I am having a problem adding the Domain Controllers (DCs) on PassiveID. I have already performed the 'Join' between ISE and AD successfully. Both ISE nodes are operational and I can see both DCs...
From packet capture on ISE, I can see meraki switch sends in the radius packet access-request the machine name host/<machine-name>as User-Name attribute and calling-station-id matches the endpoint mac address but in ISE I see 2 logs:1st log says:Even...
Hello Everyone,We are using ISE version 2.3.0.298 patch 6,7 in virtual environment. We are trying to do TC-NAC from ISE GUI with AMP cloud but it show error "ERROR: while trying to connect to AMP cloud " in vendor instance while trying to connect AMP...
Hi all,My question is in regards to configuring a NPS on windows server 2016. When I attempt to add multiple devices to the Connection Request Policy that I have configured it seems to break the authentication process. It would seem that I need to cr...
