I'm running 3.2 patch 2. I have the NMAP probe enabled (profiling configuration tab) and in General Settings i have "enable profiling service" enabled on the PSN. What I'm not seeing is the PSN actually doing an NMAP scan on a device when it comes ...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Forum Posts
Can ISE posture detect whether a client laptop/desktop is connected/joined to Azure Entra id (Azure AD). Earlier ISE had an option to identify whether s system is joined to AD.
Is it true that having enabled the profiling with just the basic license makes no difference in terms of possibility of authorization, but enriches the logs of authorized devices?I'm asking this question because I faced this scenario: with two nodes,...
Hi Friends, Was trying to do AAA authentication for Radius and observed one issue. When i put authentication open then Dot1x and mab both works fine but when i do not configure authentication open command dot1x works fine but mab device does not work...
Hello;As you can see below, the user marked his registered device to "Lost":According to Cisco's document, when a user changes the status of a registered device to "Lost," the following actions take effect:However, in my setup with ISE 3.2 Patch 4, t...
Hello'Consider the following scenario:Suppose I want to revoke the assigned certificate to "User2". So, as you can see above, I select the entry and then select the "Revoke Certificate" option. Now ISE warns me by displaying the following message:I t...
Hello All,We implemented ISE almost a year ago, and our two ISE servers have certs from a 3rd party (Godaddy) that are expiring soon. Under Administration/System/System Certificates, under Used By for the certificates it shows:Admin, EAP Authentica...
Hello all,What is the purpose of the TrustSec_Devices SGT?
I cannot find documentation or blogs or tips where I turn off NTLM authentication in ISE. Like the original post, we are a customer that needs to turn off NTLM on all domain devices and users. Audit of NTLM group policy settings are enabled to find a...
Hi team, I'm facing issue with alarm "Smart Licensing Id Certificate Renewal Failure"it alert everyday. but when i click on details to see the licensing method and Cisco Smart Licensing is currently in use.DescriptionRegistration renewal for Smart Li...
Yes I know I have exhausted this topic on my previous post (https://community.cisco.com/t5/network-access-control/cpl-template-mab-dot1x-simultaneously/td-p/3749539) but I wanted to post again to ask a question of the BU on this topic. As a recap, ...
Resolved! CPL Template MAB/Dot1x Simultaneously
One of the advantages of using the CPL (IBNS 2.0) style template is you have the option to run MAB and Dot1x simultaneously. This means closed mode is not as detrimental to MAB devices or you can do VLAN moves in open mode without the worry of devic...
Resolved! Wired 802.1x Supplicant log out
Hello All, I have an issue after deploying wired 802.1x. The cisco ISE is integrated with windows AD, and the switch integrated with ISE as a radius server. The endpoint users logs in to their windows PC using their domain account and they successful...
Resolved! Cisco ISE - profiling licensing
Hi all, I'm having some trouble understanding when advantage license is actually consumed in Cisco ISE. I read at the official guide that "basic profiling" is included in Essentials, and more "advanced profiling" is included in Advantage. When tes...
Resolved! ESXi requirement to run ISE version 3.2?
According to Cisco documentation, in order to run ISE version 3.2: https://www.cisco.com/c/en/us/td/docs/security/ise/3-2/install_guide/b_ise_installationGuide32/b_ise_InstallationGuide32_chapter_2.html. It stated: VMware Virtual Hardware Version/...
