Hi , I am trying to make ISE's self signed certificate to be trusted by my computer for admin access and for portal redirection ( same certificate ) . I extracted the cert (.pem) and then I renamed it with extension .cer in order to be executed by my...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Forum Posts
Hello, although not strictly an ISE issue, a customer has changed the UPN for a few Active Directory users.For example, FROM- FirstnameLastName@customer.com TO - Firstname.LastName@customer.com. This is not being reflect in the new certificate which ...
Hello Runing a ISE 2.6 patch 4. In the red text below i have alot of content that is geting skipped, and warning that admin changed a policies or a profil. My real issue is that HP Printers that are new are not geting identified. is there away to f...
Hello All, I was wondering if it is possible to use ISE (Version 2.4) to dynamically assign VLANs for wireless access points when they are plugged into a switchport. Our organization requires AP's to be on a separate VLAN from the user VLAN. And if s...
Resolved! Guest portal custom fonts
Hi CommunityIs there a way to upload and use custom font files to the ISE platform in 2.2 to be used when building the guest portals?I take it this is not available in 1.4 but was hoping perhaps in the new versions this provision is available.Thanks ...
Hi experts,Please help me develop my understanding of the Internal CA feature and the required license.I have a customer who has deployed ISE with 1000 Base license, for example. Now they want to utilize this for their new VPN infrastructure. The num...
Hi ,I am trying to build a policy to authenticate both Machine's MAC + The user should be a member of a special group in AD . I AM NOT USING 802.1X in my setup . My NAD is an ASA .the user authentication is already done , I just want to know how to ...
Hello Experts,I would like to extract reports based on the TLS version being used by the endpoints, as seen here:But, was not able to locate such a filter on ISE Reporting, any pointers to the same?Or is this something that cannot be extracted from I...
I have configured RADIUS on a set of new Nexus 9K's and for some reason I cannot get it to use the correct vrf for connections. Here are my configs and the error I get.aaa group server radius xxxradiusserver 192.168.2.20server 192.168.2.21server 192....
Hi,Since DNA Center managed Network Device.The ISE generate a lot of DNAC login raduis log.Can someone give advice?The attachments are the version and radius logs.
Resolved! ISE - Dynamic Variable Substitution
I have been reading up on Dynamic Variable Substitution within ISE. I have seen how the VLAN can be dynamically set. I see that there are 2 to 3 av-pairs that need to be set: sgt-name, security-group-tag and vn.Is it possible to set the Security Gr...
Hello All - I would like to understand the functionality of each CoA type available for a live session. The ISE live logs as wells as the tcpdump has specific CiscoAVpair messages associated to each type. Here are my findings, CoA Session Reauthcomma...
Resolved! Cisco ISE warning license after upgrade 2.2 to 2.6 ""Please contact your Cisco Sales Representative"
Hi,I just upgraded a Cisco ISE from version 2.2 to version 2.6 and just after updating a window appears with a warning message saying " Please contact your Cisco Sales Representative "Do you know what is due and how to fix it?Thanks
I am having a problem with re-connecting ISE Threat Centric NAC to the the AMP Cloud. It was working and then couldn't connect. So eventually I removed the connector and recreated it. Now when I try to complete the configuration to reconnect it fails...
Resolved! Does the ASA need SXP to act on SGTs?
I have been successful at connecting an ASA to ISE just by adding a PAC file in the ASA. The ASA is then able to get an SGT and see where ISE assigns the SGT in the session. Do I even need to continue using SXP? I have configured it successfully alth...
