Network Access Control

Hi All,   Cisco ISE (2.4 ) is integrated with Microsoft AD. I would like to restrict ISE logins with AD logins like   These groups can be created in AD. Groug1 - Full access Group2 - RO Access Grout3 - Sponsor Access   I just want make some account t...

Hi there,In our authorization profile for guest users, we configured the Airespace Radius Attirbute "Airespace:Airespace-Guest-Role-Name" with a value of "medium". On our WLC we have a QoS Role named "medium" with the appropiate data rates.In the res...

Greetings,   In our implementation of ISE we've faced the problem of local LDAP users getting their accounts disabled due to inactivity, the real issue here is that the period for an account to be disabled due to inactivity is 60 days and the ISE ser...

Dears, I am trying to configure the wired posture by anyconnect client but it is not working, the PC hits the unknown authorization policy and remains in the unknown state and the show authentication session int gigX/X displays the redirect url but o...

Hi All,   Could someone please assist how long does it take to apply patch on Cisco ISE (distributed environment). We have 1 PAN, 1 SAN, 3 PSNs running 2.1 Thanks.

Hello all,   Do we support migrating an ISE server to Azure cloud? Also, there is a requirement that servers that reside on Azure cloud must use DHCP which is obvioulsy not supported by the ISE at this point.   Is there any documentation you can poin...

Hi,   Any idea to check an endpoint that is using static IP instead of DHCP using ISE posture/compliance check?   Thanks Wing Churn

Hello,I understand in ISE, repeated RADIUS requests can be suppressed under Administration>System>Settings>Protocols>RADIUS.  Screenshot attached.  Are there plans to extend this suppression capability to TACACS?The scenario is customer runs a monthl...

Hi,   Due to compliance/posture check using third party switch, Auth VLAN has been deployed and some of the endpoint is using static IP. What is the best way to predeploy AnyConnect profile for known discovery host - PSN automatically, considering Au...

Hi I'm running into an issue with interim accounting and ISE. I have WS-C3650-48PD (03.07.05E) NADs doing 802.1x/MAB with ISE 2.3 patch 2.   802.1x/MAB works fine but the ISE Active Endpoint total always looks a little on the low side. The NADs are c...

all,    I have a healthcare system installing DNAC/SDA (AS and Partner)  in a new tower.   ISE-DNAC integration caused an outage with wireless users.   Customer would like to be proactive with fault management so they can detect, isolate , and correc...

When scripting to ISE pxGrid interface I find that - if I use the /getSessions API point I retrieve all the sessions - if I use the a loop, trying to get sessions for specific mac addresses using the /getSessionsByMacAddress, somethimes I get a statu...

Hi Team,   Can we use restful external API to send an alert to external logging server for below:   1. ISE System Health 2. Extenal AD Unavailable 3. Secondary node not synchronized 4. Backup failed 5. CPU percentage 6. Memory percentage 7. TACACS+ A...

Hi all,   I would like to double check something. I have a customer who is going ahead with 4 x SNS 3515. They want to do centralised ISE deployment with 1 Active ISE (Admin,PSN,etc nodes) and 3 Standby nodes. Is this possible ?    If the above deplo...

Hi Experts,we know that the WLC can do rate limit via Qos profile per client or per SSID which setup on WLC . however, I would like to consult that if can do via Radius with ISE ? for example, the authenticated user1 on Radius server will have the ba...