Hi, I am trying to get endpoint details based on the endpoint IP address using ISE 2.3 ERS API. I am able to get the endpoint details by passing the MAC address as below. I use Postman to send the get request. https://ers-username:ers-password@i...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Forum Posts
Hi,we have ISE 1.2x deployment, ISE not add mac address of new endpoints in Internal Endpoints IDStore due MAB after the advanced license are expired... 24209 Looking up Endpoint in Internal Endpoints IDStore... 24217 The host is not found in the i...
Resolved! To-delete
[***TO-DELETE***]
Dear forum , I am trying to find out where i can find the information about specific config change to Cisco ISE . For example : When an admin adds an endpoint (mac address) to an Identity Group i want to know which admin added which mac address...
Hi, Are there any plans to support more than 100 custom endpoint attributes? Please confirm this is the maximum. Thank you !! Jim
Resolved! PAN Auto-Failover
HI All, Will ISE node with PAN+MnT persona support PAN auto failover or it needs dedicated PAN persona only? Any limitation with PAN+MnT none for PAN auto failover.
Resolved! Migration from ISE 1.2 to ISE 2.x
Hi, please, can you help with the follwoing questions related to upgrade from 1.2 to 2.x: 1) The customer is using 4xUCS Servers with Geo Redundancy, 2xUCS per site 2) The license in use is Base License for 6,000 end points 3) According the ISE Tool...
Our customer is not yet using certificates for ISE authentication and are in the processing of deploying CA and PKI services to enable certificate enrollment. They want to audit the population of devices that still don’t have a certificate before ena...
Resolved! Using a DACL for Web redirection?
Hi, I have a customer that is implementing Rapid Threat Containment with Firepower and ISE to contain clients. We are using an authorization policy exception with a DACL that are downloaded to the switch and give the client very limited access. We al...
Resolved! ISE Reporting interface via API
Hi I could not find any ISE ERS API that allows me to perform reports (e.g. like the standard GUI Reports "top Authorizations by user". Did I perhaps not look in the right place? Is the Oracle DB accessible at all? I can't find the answers I ne...
my ise and stealthwatch are connected via pxgrid. i followed every step of the " Deploying Cisco Stealthwatch 6.10.2 with Cisco Identity Services Engine (ISE) 2.4.0.375 using Cisco Platform Exchange Grid (pxGrid)" Guide from John Eppich and used the...
Resolved! ACS 5.6 distributed model
I have an issue where I want to change the IP of the secondary instance which are not in online mode due to the change in IP. When I login to the primary instance and go to Operations-Distributed System Management and try to edit the IP of a secondar...
Resolved! ISE 2.3 and BYOD without certs?
Greetings, I am trying to set up BYOD, but without certs. I have it working, but wanted to find out if there is a way to skip the install part on the registration process. I found this link, but it doesn't seem to work on 2.3 https://community.cisc...
Hi All My customer wants to filter out devices which don't have Anyconnect or NAC Agent on them. If AC/Agent is installed, it should communicate to AD for domain logon. Otherwise device should not be able to access any resource. To sum up, custome...
Resolved! Cisco ISE - social guest login
Hello. social guest login using Facebook - is it still working after changes fb security settings in March 2018 (required strict mode for redirect_uri)?https://developers.facebook.com/blog/post/2017/12/18/strict-uri-matching/If yes what should be put...
