Network Access Control

Hi, i am facing challenge to profile iPhone when they connect via VPN (Anyconnect 4.8, ASA 9.12, ISE 2.6 patch 3). i tried to create custom rules in order to profile iPhone when they connect but no luck so far. I created a new Profiling Rule in ISE w...

We are migrating from 2.3 to 2.6 and we make use of the MyDevices portal for employee devices.  Is there anyway we could migrate those employee devices from the 2.3 MyDevices portal into the 2.6 MyDevice portal.  I know we can import endpoints with t...

Our standard guest account purge policy is configured to purge expired accounts nightly.  There is another configuration setting called "Expire portal-user information after: 90 Days" which applies to Unused guest accounts (where access period starts...

Hi Team, All Linux versions has a built-in single-user mode derived from the old unix days. Although rarely used, it still exists. The security team has run security scans agains all devices within our network and has detected that the CentOS operati...

 Hello Cisco, We are struggling integrating our Nokia DWDM 1830 PSS-32 with Tacacs+ ISE 2.3SW Rel 12.0.0 Nokia 1830PSS. Does anyone has integration examples for this type of device?Nb.The Radius is created on ISE before for  DWDM PSS32 and we need to...

Hello Experts,I am bit stuck in creating a if then condition using the compound condition operators.I am trying to create something like this, if cond1 successful, then check cond2 else skip the posture check. The reason to get to this apporach is to...

We have just upgraded to 2.6 and on boarding is not working.Deployment is two nodes only.Original setup is an external MS PKI SCEP setup and would like to move away from this.The server certs used for all roles are issued from our MS PKI infrastructu...

I can't seem to find the character limit for launch program parameters in any documentation.  I have tested with a few browsers and think I found the limit by just increasing the parameters until it gives an error when saving.  But the error doesn't ...

Hi, is it possible to disable the ise's default cli username "admin"?  the guide (https://www.cisco.com/c/en/us/td/docs/security/ise/2-7/admin_guide/b_ise_admin_guide_27/b_ise_admin_guide_27_chapter_0101.html) mentioned something like: The username a...

I have a Windows forest with 4 domains.  I want to authenticate a user against DOMAIN-A and then check that same user for group membership in DOMAIN-B.  So authentication policy says If Radius:User-Name CONTAINS DOMAIN-A use DOMAIN-Aand  authorizatio...

Running ISE 2.1. Yes I know it's outdated but for reasons I won't go into here I can't upgrade. If I use the Context Visibility drop down menu and select network devices that list contains devices I no longer have on the network. Is there anyway to r...