Hi All, I was wondering what happens when the log collector fails in a primary-secondary setup.Say i have a pair of ACS 5.2 and configured for primary and secondary setup. and the log collector is the primary ACS. All network devices are confi...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Forum Posts
Resolved! Cisco ISE SSH ciphers
Hi, An infosec team is in the process of certifying ISE and is seeking clarification on the various parameters used in SSH. Should use only below approved key exchanges. KexAlgorithms ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffi...
Hi Team, Regarding this ISE 2.3 application report: https://www.cisco.com/c/en/us/td/docs/security/ise/2-3/release_notes/ise23_rn.html "Context Visibility Enhancements The Application dashboard in the Context Visibility page helps you to ident...
Resolved! ISE profiling POV with WLC
Hi, I'd like to confirm if ISE profiling work well with accounting (without authentication) traffic from device sensor enabled WLC. Under customer POV, we can change accounting configuration on existing WLC but its authentication have to be done by o...
Hi, Can i create an Authorization policy for IP phones without having Plus (Profiling ) License ? Could you please confirm the below scenarios ? Example 1 : MAB and create an Authorization policy with OUI (if MAC is equal to aa:bb:cc ) and apply e...
Resolved! ISE client installation to AD
What is the benefits of ISE client installation on the AD server? Which task it`s responsible for? Is it possible to assign read-only rights?
Resolved! ISE 2.4 API - Mutual Authentication
My learned colleagues I hope you can help. I have been working with the DEVNET resource and already worked through a solution with the customer. However: Question posed to me by customer, reference API use on ISE 2.4 Mutual authentication woul...
Resolved! Question About Cisco ISE Clustering
Hello dear community, We have a question about Cisco ISE Clustering. Currently, we have two Cisco ISEs with 2.1 Patch 6 version installed on same CPD. Regarding an infraestructure change, we will have to install Cisco ISE on other CPD on other locati...
Hi everyone. Im trying ISE on VMserver. any functional difference between Small, Medium, Large in the ISE VM? https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/install_guide/b_ise_InstallationGuide24/b_ise_InstallationGuide24_chapter_01.html#vmw...
Resolved! Minimum AD requirements
Hi team, Customer is asking about the minimum requirements necessary to integrate ISE with AD. They've sent the attached picture and need to know which ones to tick. They're confused about the 'ISE machine accounts' table here: https://www.cis...
Requirement to create policy for set of users, to authenticate user via web authentication through wired network Requirements:1. User must authenticate using AD credentials2. Have login page to put the username and password.3. Will not use certifica...
Resolved! ISE 2.0 Cert Chain Android
I recently updated a couple certs on our ISE server. I applied the same cert to the default portal policy as well as EAP Authentication. We went from an OV cert to an EV cert which required an intermediate cert to be installed to the ISE server. I am...
Resolved! ISE HA on HyperFlex
Hi Team, I would like confirm if ISE HA is supported on HyperFlex, given the appliance meets the minimum read/write performance, VM, latency, and disk storage requirements? There's a post from 2017 that ISE on HyperFlex was not tested at the time and...
Resolved! Device Tacacs authentication failure
On ISE 2.4 I see Tacacs authentication failure for 2 devices. This is under –-> work centers -->device administration -->reports --> Device administration report --->Top N Authentication by failure reason. The failure has to do with the username, whe...
Hi Folks, I have a quick query on compatibility for Etherswitch modules for the ISR. The specific modules I am interested in are Cisco SM-X Layer 2/3 EtherSwitch Service ModuleCisco NM EX24ES1GECisco SM-ES2-24-P I checked for these PIDs and thes...
