I am seeing the error "Policy with a scan action must contain scan action rules and vice versa". I'm having trouble understanding what this is trying to tell me. I tried creating my own NMAP scan action, but that didn't work either.
Hello, I have a problem with setting up SXP session between catalyst switches and ISE secendary node.All switches has SXP session to ISE primary (172.29.134.140) node set up.None of these switches has SXP session to ISE secondary (10.102.196.1) node ...
Hi experts!There is a Post-Upgrade step for ISE version 2.4 in the documentation:"With the operational data backup of MnT data that you created before update, restore the backup.Failing to perform backup and restore could trigger a High RADIUS Disk U...
Hello, As the above states I am trying to get my Cisco router to authenticate through our FreeIPA server and cannot find any info on this anywhere. The only thing I get is how to setup the router to be an LDAP server and I do not want that. Has anyon...
Hello, past the Patch 13 on my ISE 2.2 we dont can use special character, (example ä,ö,ü, -) in usernames. Have anybody a soloution ? Norbert
Dear all, My client is planning the procedure for migrating my four PSN (SNS-3515). They have four remote PSNs in two different countries away from the main ISE cluster in North America. For those my client did not have to buy new because they are...
Hello everyone, I am running into an issue with ISE and authentication. If I run my script to create a network device it does so and it shows up in ISE, however when I try to have the device authenticate with ISE, in the radius logs, I can see that I...
Hi all,I have a RADIUS server running on windows 2003. I am using cisco 2960 switch, everything is working fine but i need to test the local user account on the switch so that i dont lock myself out if the radius server is not available.which command...
I am attempting to automate the imaging process in an environment by utilizing ISE profiling.I have the following pieces working as expected:Using the DHCP probe with the dhcp-class-identifier STARTSWITH PXEClient:Arch:. The endpoint MACs move to a ...
Hi Guys,I have machine and user authentication using MAR in place. I have multiple certificates with the same CA-signed in my endpoint's certificate store (computer and user) and sometimes the endpoint uses a different certificate for the EAP authent...
I am looking to replace the Certificate that is assigned to the EAP Authentication Role - However the question has come up: Can this be a Public Certificate such as one signed by GoDaddy or does it need to be signed by the same CA that our Users get ...
Hi WI try to connect Cisco to wired network is connected and system scan is not happening getting like no policy server detected and default network access is in effectCan some one pls help me to resolve issue
When performing Wireless EAP-TLS using machine certs on ISE, if you are not requiring CRL check does the ISE server, WLAN Controller or wireless client need network communication to the Certificate Authority? The CA is an internal CA and not accessib...
Hello, Is there any way to configure 802.1x PEAP computer authentication on Mac OS 10.6 (Bound to AD) for ethernet manuallly without using Apple Configurator or similar software? Thanks, Aravind.
Hi all, Just troubleshooting some profiling issues and have found that multiple devices are profiling incorrectly eg MAC OSX profiling as Apple-Device. Basically the issue is the user-agent string profiled by ISE is incorrect meaning that only the OU...
