I have 2 sites Site 1: Domain - xx.ZZZ.com Wifi Authentication - 802.1x via Cisco ACS 4.1 Site 2: Domain - YY.ZZZ.com All 802.1x authentication works fines when two sites are connected via MPLS but when we migrate the traffic to S2S VPN the be...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
Forum Posts
Hi Experts, I see that Juniper is supporting CWA with these following switches here: https://apps.juniper.net/feature-explorer/feature-info.html?fKey=7084&fn=Central%20Web%20authentication The NAD profile on the communities has a profile for EX3300 s...
I have a problem with the phone system, connected to the ISE. The phone system contain two more phone devices behind the phone system and this phone system is connected to the network jack, i have assign multi host authentication mode but here, there...
Hi Experts, I have been struggling to integrate IBM Qradar and ISE via pxGrid. Been facing quite a few issues, initially, there was an issue with the DNS resolution, which we resolved. Then now all the configuration looks good and I can see that Qrad...
I'm trying to implement Wired Dot1x with mab backup for devices that don't support dot1x. Using ISE 2.4 for radius. I got dot1x to work fine with windows clients. Next step was to profile devices that don't support dot1x based on oui. I plugged my ...
Although Username has Privilege 15, show run command does not have authorization All other commands works. Below are AAA commands configured on switch. ======== username admin privilege 15 secret 5 xxxusername netadmin privilege 15 secret 5 xxx a...
Hello everyone,I would like to ask if there is a recommended interface configuration for supporting all methods of authentication in closed mode. Also, in Closed-mode, i would like to know if an ACL is needed in order MAB to work properly.I am gettin...
I have created a new SFTP repository on a ISE 2.3 Patch 4 primary admin node both in the CLI and GUI and run the Crypto host-key add host URL_of_SFTP server And I get the error below when I try to validate the repository. What did I miss for the co...
I am not even sure where to begin looking for the error. I recently discovered that my tacacs server (ACS 5.8.1) is allowing ANY username to authenticate - including ones that do not appear in TACACS. If you use a legitimate username and an incor...
Hello, I am trying to set up read only access to our nexus equipment using tacacs in ISE. I am currently following along with this documentation: https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/admin_guide/b_ise_admin_guide_22/b_ise_admin...
Hi Team, Can DNA Center use Azure AD (IDP) as an external authenticator ? I have found this info but not sure whether ISE to Azure integration then flows through to DNA Center?https://community.cisco.com/t5/security-documents/notes-on-azure-ad-as...
Resolved! Guest ticket creation (same day)
By today it seems to be impossible to create a guest ticket on a certain time of day until a certain time of the same day. You always have to end the ticket on the next day or have to run it until end of business day which also implies that the tick...
Experience during a PoC Customer has roughly 3000 LAN switches that sit on a common VLAN per campus site. At some large locations there are upwards of about 60 switches on one subnet (e.g. 10.100.1.0/24) We were using the Visibility Wizard to disc...
Hi all, we have 3000 Clients, most of them working without any Problems. But we have some strange issues with some MacBooks, sometimes.... :( Most of the Time all is working fine, but sometimes we got some Problems, so the Client can't connect anymo...
Resolved! ISE CIMC software strategy
Hi board, I'm wondering how others handle the CIMC in the Cisco ISE. In the ISE downloads, there is one BIOS and CIMC software (3.0.3a). However, there are lot's of CIMC vulnerabilities, which needs to be closed. The hardware installation guide doe...
