Hi Experts, In my quest to integrate the third party vendors switches with ISE, I have not started working with the Juniper switches. The specs are as follows,Juniper 4200EX with JunOS 15.1R7.8 integrating with ISE ver 2.3 AnyConnect 4.5.04.029 The i...
Hi all, My customer just acquired ISE to be used as TACACS+ authentication (2 PAN/Mnt + 2 PSN) in two new data centers. Which ISE version and patch are now the recommended ones? ISE 2.4 is long term, but I've seen a catastrophic bug (CSCvm93698) ...
Hi everyone, New deployments include default secure syslog and UDP syslog categories. 1) If I'm interested in central logging to my MnT, can these remote syslog targets be unapplied to all logging categories? I would like the only remote syslog t...
Hi Experts,I am a newbie in ISE and having problem in my first step in authentication. Please help.I am trying to deploy a standalone Cisco ISE 1.1.2 with WLC using 802.1x authentication. The user authentication configured to be checked to ISE's inte...
Dears,Am working on ISE 1.1, and am facing a problem after the posture assessment for a machine, if the machine doesn't have the correct antivirus, the NAC Agent suggest the following link remediation: http://kaspersky.test.com, when the user tries t...
Hi All! I have a problem between Cisco ISE and Active Directory. After adding AD to Cisco ISE I have a Failed Status in Active Directory Diagnostic Tool, rest of test is working good. Test result: DNS A record high level API query ...
I have some questions about the traffic flows for ISE and encryption.Source : All ISE NodesDestination : All ISE NodesPort : TCP 12001Purpose : ISE Configuration replicationQuestion : Is this over TLS?Source : All ISE NodesDestination : All ISE Nodes...
Hi Guys all my internal PCs are AD-Computers , ISE connected to AD , snmp configured on SWs ,DHCP scopes configured on SWs but ISE 2.3 didn't profile PCs with its Hostname , it profiled like Microsoft Workstation-10 pls Advise thanks all
Hello, I have a router in remote location that I sent there without aaa config. Now that the router is up and accessible remotely, I would like to have aaa configured. Last time, I had a bad experience locking myself from the exc command. My questi...
Hello, Do you know if it is possible to use TACACS+ authentication for Admin access on an ISE 2.2 deployment? (I mean admin access to ISE nodes) Thanks and regards, Víctor.
Hi Experts, We need to upgrade a distributed ISE deployment from 2.3 to 2.4 from the CLI, to remain AAA service online consistently. There is a question confusing me. As per the upgrade guide as below, after upgrading, the Secondary Administration ...
I'm looking for a best practice process for replacing an expiring 3rd party certificate used for Admin/EAP. I inherited a six node deployment and each node has the same Certificate for both roles imported, do all nodes need to have the same Cert for ...
Hello all, Recently I changed ISE CLI and GUI password. I keep on getting "AD: ISE account password update failed". What needs to be done here ?
Does ISE reporting meet HIPPA/NIST/PCI compliance format out of the box or it calls for any customisation/development?
I'm testing 802.1x in a lab and am struggling a bit with setting up MAB for phones. My understanding is that it requires an AD account to work with Microsoft NPS, and I've read that there is supposedly a way to wildcard the account so not every phone...
