Deployment Type 1:We have two sites interconnected by WAN solution. Site A: One server ISE for all node (PSN, PAN, Mntg) with a domain controller Site B : One server ISE for all node (PSN, PAN, Mntg) With a RODC (read only domain controller). This RO...
I currently have profiling groups to profile devices, say Computers, Scanners, and Phones. These groups have Identity Groups which were created with a parent group of Profiled. They are also a member of a Logical Profile called All Devices. After a ...
Folks, Customer wants to check if a MAC Address exists in SCCM for an 802.1x authentication. This works for MAB but this is not a MAB request. This post says no, it is not supported: https://cisco-marketing.hosted.jivesoftware.com/message/248720 That...
Hello Guys, I have a couple of WS-C4507R+E running in VSS mode, and I'm trying to upgrade the license for the standby peer, and I'm trying to find the best procedure to do this with the minimum service interruption.My plan is to do a vss switchover r...
Hi experts, My customer gave me another challenge, to replace all cisco NAD to H3C. Here is their request, do the posture check, if the PC is no compliant, put them to VLAN 60, then put them to VLAN 20 after their PC compliant. Everything is OK ...
ISE 2.2 Patch 13 and Endpoint delete issue. Hello,I did setup RBAC policy Menu + Data for Admin User with limited permissions.When this Limited Admin logins and try delete endpoint under the menu: Content visibility > Endpoints it got an error messag...
Hi Gents, ISE: 2.3.0.298; Patch 5 we use a self registered guest portal. Now - i need on the "registration form" an additional button which clear the form field "ui_person_visited" if needed. It should replace or fill in the text within the form fi...
Hello Gents, https://community.cisco.com/t5/security-documents/ise-guest-self-registration-person-being-visited-sponsor-choose/ta-p/3636453i need a script that filter the results of locations by choosing the time zone dropdown form field. Similar lik...
Converting from ACS to ISE. Have a bunch of clients (multiple companies) all VPNing into our network using RADIUS for authentication.1) Is there a mechanism in ISE similar to ACS for DHCP pools?2) if not 1), do I have to define those on the ASA?Pleas...
I have configured AAA authentication using RADIUS in N9k. It works fine for first login but after that it fails. I suspect because the user-account in n9k cached it as network-operator. After the first login, i configured the radius server to reply u...
Hello, is there a way I can authenticate some users against AD and some again AD and the VIP server within one or 2 policy sets? The device type is the same so I can't distinguish based on that. Also, can someone provide me with some documentation o...
I am looking at doing Wired MAB with ISE 2.4. In the past for wireless 802.1x, I have allowed ISE to Profile devices, and then I have set the group to static so that it would not use a Plus license. I am now running into an issue where the wired MAB ...
Hello, guys Right now I'm having an issue with a customer. He wants to point his DNS to umbrella but in a Guest Wireless. It sounds that it is easy to do, but the difficult situation I found is that the customer has to point to an internal server b...
ISE 2.3 patch 5 I have a question on the client provisioning portal FQDN setting. I have three PSN nodes (2 in one data center and 1 in another data center). Now if I create DNS A records for the CPP portal to point to the 3 psn nodes like this:postu...
Hi Team, is it planned to get and accept ISE guest vouchers also in an NFC or QR code format? Similar to the solution with Meraki? https://www.splashaccess.com/cisco-meraki-nfc-and-qr-code-authentication/ Best regards Gerhard
