Network Access Control

Cisco Access Control Server (ACS), Identity Services Engine (ISE), Zero Trust Workplace
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

Labels

Forum Posts

I recall NAC being binary in that endpoint passed HIP check and were allowed through or failed and placed on guest net.  I've a situation where Company A has acquired company B and will be bleeding applications over to company A's Data centers over t...

sasalinas by Level 1
  • 313 Views
  • 2 replies
  • 0 Helpful votes

Hi Team, I have a customer who is thinking in ISE deployments, but they want to create 3 clusters: 1-. 1 PAN + 1 MnT + 9 PSN 2-. 1 PAN + 6 PSN 3-. 1 PAN + 6 PSN   I know when we deploy distribute environment we use to install 2 PANs and 2 MnTs for HA...

gugonza2 by Cisco Employee
  • 645 Views
  • 2 replies
  • 0 Helpful votes

I can ping my TACACS+ ACS server but with the current configuration via SSH and ACS credentials on my Cisco C891FW-E-K9 (revision 1.0) with (C800-UNIVERSALK9-M), Version 15.5(3)M5, RELEASE SOFTWARE (fc1): router#ping 1xx.1xx.45.12Type escape sequence...

hi all,    First, I would like to know how an session attribute (example Agent-Request-Type)  behaviours in authorisation rule and posture policy rule    Agent-Request-Type is a session attribute for posture selectively apply posture requirements eit...

Uggen by Cisco Employee
  • 644 Views
  • 1 replies
  • 0 Helpful votes

Dear Community We are using tacacs+ for aaa purposes. Currently each user has to submit their own username and password to connect to our switches. Once they are authenticated, they will have immediately access to the enable prompt. Now we would like...

musystec by Level 1
  • 1425 Views
  • 3 replies
  • 0 Helpful votes

Have a customer with the following setup with a Virtual ISE deployment - Separate PSN running 2.4 with latest patch PSN interfaces are setup as follows: Eth0 - is intended to be used as management only with communication to PAN, MnT, DNS, NTP, AD etc...

keviande by Cisco Employee
  • 907 Views
  • 2 replies
  • 0 Helpful votes

Hi All,  Any assistance would be greatly appreciated. I am sending radius auth logs to a Palo Alto for identity based policies.  It works, but it seems every type of device sends the logs in a different manner for exampleUserName=DOMAIN\\isetestUserN...