I want to connect two ISE devices. As far as I know, I know that when I connect two ISEs, one is active and one is standby. Do I have to buy a license each? Or does Active ISE only buy licenses and share licenses with Standby? https://www.cisco.com/...
Hi Team, My current project is to assist the customer with the integration of their new ISE 2.4 solution with Microsoft's SCCM and Intune. I got a few questions around the following: 1, The ISE 2.4 compatibility guide at https://www.cisco.com/c/en...
Hey,I had been playing for a while with MUD, Cisco do provide a sandbox with ISE in which it get a RADIUS packet with MUD URL and after that it forward it to the MUD manager inside the ISE as shown below So the ISE and the MUD Controller/Manager is o...
Automatic Failover to the Secondary PANYou can configure ISE to automatically the promote the secondary PAN when the primary PAN becomes unavailable. The configuration is done on the primary administrative node (Primary PAN) on the Administration > S...
My ultimate goals are to be able to execute the getAssets API query to be able to see all of the existing endpoints. Then to selectively CREATE, UPDATE, and DELETE endpoint records. I'm viewing this document. Page 126 indicates that the base URL is h...
Hello We have created a simple website to onboard users' endpoints using just their MAC address, which we also assign to their AD username using portalUser attribute of Endpoint API. However, this is an interim tool... in future we would like to swit...
Good morning all,Currently I've inherited a 6 node deployment: ISE 2.1 patch 8Primary admin/ Primary MnTSecondary admin / Secondry Mntand 4 PSN Nodes. ise 2.1 is having disk space issues filling up the /opt/ and I was advised by TAC to upgrade to ne...
I'm setting up simple lab with two 9300 switches (ver. 16.9.3) connected with L3 link (no switchport).I've configured trustSec but I noticed that policy is enforced on switch 1 although destination host was connected to switch 2. I wonder if it is be...
Hello,I want to restrict entering to Webex Teams only within the organization for security sake, so users cannot log-in from home. Can I do that? How?BR,Yoav
Hi Guys Can you please confirm what happens if a customer does not renew their PLUS/APEX licences on time, is there a grace period after the expiry date ? Thank You Julia
Hi, According to ISE architecture for a large deployment, each persona requires a dedicated node, and some services call for dedicated nodes also (eg. PassiveID PSNs) whilst other services can be shared with existing RADIUS PSNs (eg. TrustSec Polic...
We have deployed ISE on VM and having version 2.4 patch 6.I was checking TACACS commands reports that ISE exports. I found that ISE was only showing part of the actual command the user typed.e.g.If someone typed "show run | sec tacacs "ISE would show...
Hi All, I am trying to configure guest CWA to differentiate between guest and employees that are logging into our guest portal. I believe that I can do this by changing the portal parameter 'Employees using this portal as guests inherit login options...
I am trying to find some information on the number of concurrent sessions supported when we use SNS 3615 as PAN in a dedicated deployment All that I have found in this link is about using 3695 as PAN https://community.cisco.com/t5/security-documents/...
Hello,I tried to look but I couldn't find any detailed information about Nexus 9300's MACSEC abilities. I am looking for information such as, MACSEC speed (line rate or not), supported on all the ports or not etc. Datasheet doesn't say much. If anyo...
