I am using the following API to fetch the authentication list of active sessions from Cisco ISE:https://<ISEhost>/admin/API/mnt/Session/AuthList/starttime/endtimeWhen I retrieve the data using this API in Postman, I also receive a count of the total ...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Forum Posts
We have role based VLAN assignment at my company. The issue is that in the current config the users can bring in their own devices, authenticate with their work credentials and then get access to internal resources. My solution is to add a domain che...
I have an issue where a new deployment is not seeing any Radius live logs.. After checking the alarms it would appear several nodes are requiring the ISE messaging service cert to be regenerated, what are the correct steps for this? Thank you
Hello, In our case we have a fortinet firewall (7.2.8) and about 30 fortiswitches managed by fortinet. We are going to perform eap-tls auth with certificate for 802.1X users & computers and MAB for devices like printers, cameras,phones e.t.c. My iss...
Hi Team, We are noticing high memory utilization on cisco ISE 3.1 nodes after patch upgrade. we upgraded from patch 3 to Patch 9. The memory goes upto 80+ percent and then at one point it immediately reduces to 40%. When the memory goes high, it is...
Hi,Cisco ISE has the option to export the local user accounts to a CSV file. Passwords in that file are encrypted with a password which is entered upon export.Now I want to create my own import files, but these need to contain the encrypted passwords...
Hi,I am trying to configure wired BYOD dot1x onboarding.However, when the client downloads and starta Network Setup Assistant, I always get the sam error: "Secure access configuration for the ethernet failed".Did anyone experienced the sam issus and ...
Hi all;Based on the following Cisco's doc, when you use any Anyconnect/Secure Client services, it is advised to use NAM also (when 802.1X services are needed), not the Microsoft Windows native supplicant.https://www.cisco.com/c/en/us/support/docs/lan...
Hello Cisco ISE experts,I'm new to Cisco ISE V3.2 and I'm struggling with Policy Sets and the embedded "Default"- Authentication Policy.To make the output of Radius Live Log more meaningful, I would like to replace the word "Default" in the according...
Hi All,I am configuring snmp v3 user in ISE 3.3 patch 3 using below command and getting below message while configuring pass and priv pass. In ISE 3.3 cli reference guide it says that minimum length for password is one character but in cli it saying ...
I enrolled juniper devices and allot in Cisco ISE, but i notice there is no logs for tacacs command accounting. but all of our cisco devices showing logs history of commands inputted. please help
Does anyone know what the current setting is for a 802.1x switch port configuration for the switch for a Meraki Access Point? Is it a configuration similar to A or B below (a regular trunk port for an Access Point). I have been B but not sure how i...
Hey Guys, I have a question regarding conditions, and I didn’t find anything about it in the documentation. When we create a condition like calling-station-id, there are multiple options, such as starts with and begins with, which I understand. On...
Hello Guys, We have a project that migrates SNS ISE (physical appliance), and I would like to know if there is any possibility of migrating the users that were created by the sponsors? We did not consider this step, and I am thinking that after acti...
Hi;Consider the following scenario:Here is the configuration applied under the interface:The client boots up and successful authenticates by 802.1X:Now, the verification steps:Why the switch applies the highlited ACE from its point o view.My current...
