Identity Services EngineGood day. I am trying to add a custom network device profile. The profile is created but settings are not saved inside it. (See attachment) Does anyone know how to solve the problem?My account is in the superadmin group. ISEVe...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
Forum Posts
Resolved! ISE Guest DNS
Hi All, I have a question regarding DNS for ISE portal redirect. I am setting up a guest hot spot portal in ISE for a customer that will use an FQDN such as guest.domain.com. ISE has been configured with a dedicated interface that sits in the cus...
Resolved! generate CSR on ISE
Hello,I'm wondering which private key does ISE use for CSR generation?In my case it is ISE 2.4, I generated a new multi-use CSR for my cluster (see Image)CSR generationIt works fine, but which private key used ISE for CSR generation? I exported all s...
Hello, I would like to know if I can connect to FTP using certificate. I have found that for SFTP is possible to use RSA Public Key. The other thing I would like to know is if there is a guide with steps for configuring this feature. I have found t...
Any ideas or recommendations on how to be able to see the Access Points that Guest users/endpoints (or any other authenticated endpoint) are connecting to? The access points are controller based to a 3504 WLC. How to accomplish this either in Conte...
Hi,I found a very strange issue here. I have included the mac address in the bypass list but however it doesnt seems to get authenticated , always remain as UZ. Therefore once CLOSED mode enforced, the device port Gi1/0/46 gets DROPAnyone has any ide...
Resolved! Reverting ISE Licensing Options
Hi Team, Moved ISE to Smart Licensing and realized we hadn't migrated our Base licenses over. Can we simply revert back to the classic licensing module to document the license PAKs? Any caveats or concerns we need to consider when switching from Sm...
Resolved! ISE VM will not boot
Hello,I am wondering what options might be available to recover an ISE VM that will no longer boot. Background - ISE 2.3 install, VMware ESXi/vCenter. The ESXi host ISE was running on lost access to it's storage. At that point in time, the ISE VM c...
Hi all,I am doing a Wireless ISE Anyconnect posture using compliance module 4x... Can anyone tell me how ISE Gets to know the status of the device is Unknown? Which area & which information it is looking for to mark the device as posture unknown.I k...
My Customer is implementing ISE with Nexpose but testing with VPN posture users. We are following this document. https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine-22/200974-Configure-ISE-2-2-Threat-Centric-NAC-TC.html ...
Am creating a user and want the secret to use level 5 encryption.When i sue this command,"username [user] privilege 15 secret 5 [Cisco password]"I get the following error "The secret you entered is not a valid encrypted secret.To enter an UNENCRYPTED...
Hi , ISE is integrated with AD and used for authentication users and device access admin, normally it use TLS 1.2 for the communication between ISE2.4 and AD 2016, right? anyone can please advise, thanks.
Hello, I am curious to know , if a Cisco VPN AnyConnect is configured and for Posture of this VPN we use Cisco ISE , how Cisco ASA forwards the traffic to Cisco ISE when it does Posture. I have 2 Cisco ISE and I know that PSN is always Active Active ...
Resolved! Allowing only dot interfaces on a Bundle
Hi All,I am working on Cisco Secure ACS for IOS-XR and I want help from experts out there. I want to globally deny if someone could remove the whole bundle(e.g: no interface Bundle-Ether10) but can do both of the following on the dot interfaces only:...
What are the differences when configuring Radius with ISE between defining a "radius token" or "external radius server"?
