Hello, My MacOS 10.13 system is running 4.6.03049 with ISE Compliance Module 4.3.264.2304 and at least once a week Anyconnect has the System Scan running forever. It never goes to a ready state prior to connecting to the VPN. After connecting, it co...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Forum Posts
I have 2 Rules setup on ACS. Rule-1 is for Radius. Rule-2 is for TACACS. Authentication Policy for Rule-1 is not going to be exported and giving the following error. All the Authorization policies are being exported though. Object Type: Policy Gr...
Resolved! Cisco ISE Multi Auth or Multi Host
I am confuse, between multi auth and multi host arrangement. Can someone help to face this situation?
Resolved! When PSN looses connection to both PAN
Team, Can you please let me know in a distributed environment, if a PSN looses connectivity to both the PAN's does it still does authentication/posturing?... Thanks
Resolved! Cluster ISE between appliance and VM
hello, I'm almost sure, but I would like to know if there is an opportunity to create a cluster (Admin, Mnt) between a 3595 Appliance and a Hyper-V VM?Thank you in advance for your feedback.
I'm trying to understand how ISE uses the timezone in the Sponsor Portal. What I "thought" would happen, is that when I select the Location (timezone) in the red rectangle below, the 'from time' in the green rectangle would be updated to be in the cu...
Hi, Does anyone know whether we can join 2 different versions on the same distributed system. I have 5.4 and 5.6 and 5.8 version on secondary server and there are some difficulties upgrading 5.4 to 5.8. Is there any issue?
Hi, I am working with the customer and they would like to know more about the below syslog messages. message code="59204" : Resume log collector message code="59207" : The log collector was suspended successfully Questions: What information is...
Hello, I have a customer who has Aruba WLAN integrated with ISE 2.4 (patch 4) for CWA. The customer has a requirement that a guest can register maximum 2 devices and at a time he should only login from one device. I tried to use " disconnect oldest...
Customer would like to check if MACOS main version 10.x.x is up-to-date. is it done by Patch Management condition in ISE ? for examples I can see vendor is Apple and agent is software update 1.x 2.x 3.x . how is it relevant to MACOS main version ?...
Hello All, Am I overlooking that this maybe already exists - but my customer would like to have from ISE GUI the button to test the connectivity to FTP server from ISE which they could use before they start ISE backup. If this already doesn't exists ...
My customer is deploying ISE w/dot1x and MAC machines like High Sierra, Mojave etc., (10.13 and later) Here is the current situation,1) We have 802.1x authentication working fine on the MAC. 2) We have a working profile in JAMF to push the initial ...
Resolved! MyDevice Portal Redirect
I have an environment where we are hosting the MyDevice portal on our external domain but the ISE nodes have names issued by the internal domain which is not resolvable for users outside the domain. When connecting to MyDevice Portal by the FQDN that...
Hello, Customer is exhibiting the behavior that when they add new ISE PSN node if everything is correct it gets synced up with PAN in 10/15 minutes. But if something is wrong the node stays blocked for 3 hours. And there is no option to exit out of...
Resolved! Anyconnect posturing behaviour
Hi all, I've configured posturing with ISE for our anyconnect clients connecting to asa 5545 headends, and it works for the most part, but I have some issues. When a client connects, it is authorised via ISE and it falls into a 'compliance-unknown'...
