Hello experts, I have a doubt regarding the Certainty factor on ISE.Let's suppose we have a default profiling rule which is Canon Device with one condition matching the Canon OUI and CF = 10 (Minimum CF = 10)1st question : Now if I create a custom pr...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
Forum Posts
Resolved! Help with Cat9300 Device Sensor
Hello Trying to do some device profiling for a wired 802.1X deployment. No matter what I try, I cannot see Device Sensor data in the RADIUS accounting. Is there a magic command that I have forgotten? It works so easily on Cisco WLC's - but tr...
Resolved! ISE SGACL not completely pushed to NAD
Hey All,I have fabric network where ISE is Policy enforcer not DNAC. I have more than 150 SGACL in ISE and pushed. When I check the NAD I do not see all of them. What can be reason for this?
We are experiencing an issue which affects some endpoints after they have been re-profiled. From time to time we see endpoints that have been profiled as a specific type of device (i.e. Windows10-Workstation), get re-profiled as a generic device such...
Hello, In a hybrid deployment with 3695 as PAN & MnT, a PSN based on the 3655 would support up to 50,000 concurrent sessions, or just 25,000 sessions? Looking at the ISE PSN Performance table on the ISE Performance & Scale page, for the 3655 appl...
Resolved! nessus scanner service account in ISE
Hi Experts We've received an request from the security ops team to create a new service account for the 'nessus' scanner (with AD integration) in ISE with Read only privileges to scan the ISE devices. Typically, we'll use 'nessus' scanner to scan the...
Resolved! option to enable ssh from ISE GUI
Dow we have an option to enable ssh from ISE GUI
Hi,I'm trying to create a authorization policy using an active directory OU (both user and machine objects). But I'm unable to the OU to ISE. It only allow security groups. Please advise.
Hi all, Are there any SXP scaling numbers available for SNS-3655 running ISE 2.4+ when the respective nodes are deployed in standalone mode with all personas running on the same node (2xSNS-3655 redundant in total) ? The latest BRKSEC-3432 does not...
Resolved! SSH key pair with TACACS account
Can you combine ssh key pair with tacacs user for authentication for routers and firewalls?
Hi All, I have a question , and i hope someone can help me with this one. Currently i have an distributed deployment of 8 ISE nodes (software 2.3 with Patch 1 + 2). The ISE is joined with an Active directory an all is working. However: We ha...
I have set up a pretty wide open policy set for some Juniper firewalls, and it is allowing the authentication in ISE, but the same auth still fails on the Junipers. Any ideas?
Resolved! Identify unique number of users
Team can you help me with this, - what report can be generated to find the the total number of unique users that have been authenticated or posture checked by ISE let's say in the last 24 hours, using filters in context visibility shows me currently ...
Resolved! Port 8443 not working on PSN deployment
Hi all, i have a problema with ISE 2.1 patch3. We have 2 nodes (1 primary admin/sec monitor and 1 sec admin/pri monitor). Guest portal on Node1 is working fine (port 8443) but is not working on Nodes2. Typing command "show ports" on node2 there is no...
Resolved! ISE Ports & Purpose
I am hoping to find documentation on the ports that a typical ISE deployment utilizes and a description of their purpose. I have a very good energy customer that must meet strict compliance mandates where all of their services are concerned. For t...
