ISE2.3 Patch 5, Cisco 3650 16.3.7, Avaya 1608 So I have this 3650 and I run a heavy port config without any templates. I don't run 'switchport access vlan XXX' or 'switchport voice vlan YYY', I assign those values via ISE authorization profile. I...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
Forum Posts
Currently working on a integration with an External Radius Server for external Authentication within Cisco ISE, but when configured Cisco ISE does not pass along the "Calling-Station-ID" attribute. This reduced the visibility on the Radius Integrati...
Recently, we started receiving alerts that we've exceeded our Plus license count. It is my understanding that devices registered via the self-service web portal will consume one Plus license when it goes on line. I'm looking for a way to enforce a ...
Hi all,My office is in the middle of a security audit. One of the questions that has come up is how the ISE encrypts credentials that are stored locally on the device. I know Cisco does a Certification process for FIPS 140-2 and has certified ISE ...
Resolved! ISE guest login social media supported
Hello,is facebook the only social media guest login supported ?How about google or Instagram ?
Resolved! ISE compatibility with 3com/H3C switches
Hello team, Does ISE support wired access control, automatic dacl/vlan config, authentication, etc with 3rd party switches, mainly 3com 5500 G and H3C 5500?? How do you suggest to do that? Thanks!
HI all, after extending the sub-ca (which issued the ISE admin + eap certs) by using same private key (just extended the expire date), we are faced with updating the ISE certificate trust store..but this seems to be impossible without major impact:...
Hi all,we've been running Cisco ACS version 4.x half a year ago, but decided to upgrade to Cisco ISE. So we've made a fresh installation with our cisco partner. At the moment we're live with this equipment, but running in a lot of troubles, as we're ...
Hi everyone, I have a dispered ISE deployment (each persona is on a dedicated node). It seems like several of the inter-node traffic are in fact long-lived TCP connections. This means the TCP connection may last hours and is never reset by either...
Hi Team, I have a customer enquiring about the maximum number of Remote Logging Targets supported by ISE. Of course, this number would be dictated by the size of the deployment, however are there any performance numbers available we can share with ...
Resolved! Unknown deny with ISE in SDA setup
Hi all, While rolling out traditional ISE policies to SDA policies in a customer network, we were hit by this issue: The setup is: ISE running on 2.3 patch 5, DNAC on 1.2.6. There are SXP tunnels from each PSN to each border per VN, to transmit the S...
Resolved! R-ISE-10VM-K9 5 years Smartnet?
Hi, I have a customer that will order the 10 VM Bundle (R-ISE-10VM-K9=) before the EoS (Feb 2019), they would like to have 5 years of Smartnet but it's not possible under that sku. Can we use the new Smartnet sku (CON-ECMU-RISEV9SM) and put 5 years?...
I have a customer that believes they have an enhancement request to submit. They are currently on ISE 2.3 and it appears that 2.3 only supports 1024 for diffie-hellman groups and does not support the use of safe/random prime numbers. They are wonderi...
Resolved! Change MnT Role
When I swap MnT primary/secondary in 2 nodes deployment, usually use role dropdown in deployment nodes menu as follows. But I notice the operation is not documented in administration guide. https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/adm...
Resolved! ISE-PIC Deployment Scenario Fails
Dear Team, We have deployed an ISE PIC solution for passive ID in our customer network for wired and wireless users. Here are the providers that we are using: WMI Syslog for DHCP Dot1x for wireless – Active authentication. Here are the use cases,...
