Hi I am integrating ASR9K with freeradius server for AAA authentication and root-system access. User successfully gets authenticated but unable to configure or see the configuration. Below pasted is my configuration. Can someone help me with this! CO...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Forum Posts
Hello Experts, I would like to verify which Profiling probes fetch the following information "Attribute:User-Fetch" Attribute:User-Fetch-Department value:Attribute:User-Fetch-Email value:Attribute:User-Fetch-First-Name value:Attribute:User-Fetch...
Hi dears, We have ISE SNS-3515-K9 and we want to implement it with access switches Nortel 5520-48T-PWR.please need your advice if it is compatible, not/ partially compatible with it. and what is the services will not work if exists. Thanks.
Hello all, I'm looking for guidance on proper cert validation for use with the ISE API.I have valid certificates on all ISE nodes signed by our internal CA, but whenever I'm making API calls, they will only work if I specify -k/--insecure with curl.U...
Resolved! Is MDM redirection necessary for ISE2.2P2 for endpoints already enrolled with MDM offpremises.
Hi,Using ISE2.2P2 at customer site. They would like to check status for wired endpoints(Apple MAC) if it is registered with MDM to give final access. These endpoints are already enrolled for MDM off-prem, so is MDM redirection policy is required in I...
Hi my name is Ivan, I have a question:My customer have a guest portal customized (in html code) to provide CWA services to all the guest users.The question is:Can I import and install the web page of my customer into the Cisco ISE? Or perhaps the onl...
Resolved! What exactly is in the configuration and operational backups? Are they independent of node?
I'm likely overthinking the following note from Cisco: "Cisco ISE allows you to obtain a backup from an ISE node (A) and restore it on another ISE node (B), both having the same host names (but different IP addresses). However, after you restore the ...
Resolved! Bug CSCvi77015 fixed in 2.6
Hi Everyone, there was previous discussion around the issue while onboarding Android 8 and 9 with ISE. the related bug is CSCvi77015 it was supposed to be fixed with 2.5. Now that 2.6 is out (replacing 2.5), is this bug fixed and we can onboard andro...
Configure Device Administration for Cisco IOS device is straightforward, but I couldn't locate any Doc/guides regarding FTD. The closest doc I could find is : https://www.cisco.com/c/en/us/td/docs/security/firepower/ftd-api/guide/ftd-rest-api/externa...
Resolved! Acs to ISE Migration RSA query
Hello, I am currently working on ACS to ISE migration and In the converted ISE authorization policies i see the below condition Access:AuthenticationIdentitystore equals RSA However looking at the Identity stores RSA i see the name as RSA Secur...
Have a problem whereby we can't get a mab endpoint to get network access behind a Cisco 7940. If I reboot the phone, then both the phone and mabendpoint get network access. In the switch logs we can see where dot1x started fro both, no response so ma...
Hi, What is the recommended size of the background image to be used to customize the Guest portal ? Also, for the logo size, although documentation mentions Desktop : 86x45 pixelMobile Logo: 80x35 pixel I have noticed that this is small and 184x1...
Hi ISE team, I'm working in a ISE 2.4 patch 6 distributed deployment. My problem comes with BYOD configuration. I have follewed this guide for dual ssid flow: https://community.cisco.com/t5/security-documents/cisco-ise-byod-prescriptive-deployment-...
Can anyone explain the Failure Reason below that I am seeing in my radius live logs for an eap-fast session: 12962 Reject User Authorization PAC since its Initiator-ID does not match the Tunnel PAC Initiator-ID I have user auth PACs configured for 12...
In the release notes for ISE 2.6, I found this. Limitation: Endpoints are not profiled; they are only authenticated and added to the database. Condition: RADIUS probe is disabled. Workaround: Disable the profiling services completely. https://www....
