Network Access Control

Is it possible to copy individual policies between policy sets in ISE 2.4? I could do this in ISE 2.1 and ISE 2.2, but I am not seeing the feature.      Thanks,   Rob 

Team,   I am working with one of the Banks in India. They are running dot1x and posture on windows endpoints and IP Phones are getting authenticated using MAB. Edge switches are not PoE and IP Phones get power through power adapter. We are facing cha...

When using ISE as a TACACS server.   I know it is possible to specify multiple identity sources, (for example use internal first, then LDAP second, etc.).  However, I can't seem to find where in the ISE GUI this is configured -- can someone help me f...

Hello All,   I am trying to implement guest network using ISE 2.2 & WLC (aireos), with flexconnect (central auth and local switch). I am using separate interface in ISE-PSN for guest, but using the same management interface in WLC where other enterpr...

Hello I have a couple of questions on ISE. 1. How does one go about viewing the posture logs created in ISE. We are having an issue with a few anyconnect clients getting past the virus scanning engine. We would like to look at the logs and see what i...

Hi All,   Cisco ISE (2.4 ) is integrated with Microsoft AD. I would like to restrict ISE logins with AD logins like   These groups can be created in AD. Groug1 - Full access Group2 - RO Access Grout3 - Sponsor Access   I just want make some account t...

Hi there,In our authorization profile for guest users, we configured the Airespace Radius Attirbute "Airespace:Airespace-Guest-Role-Name" with a value of "medium". On our WLC we have a QoS Role named "medium" with the appropiate data rates.In the res...

Greetings,   In our implementation of ISE we've faced the problem of local LDAP users getting their accounts disabled due to inactivity, the real issue here is that the period for an account to be disabled due to inactivity is 60 days and the ISE ser...

Dears, I am trying to configure the wired posture by anyconnect client but it is not working, the PC hits the unknown authorization policy and remains in the unknown state and the show authentication session int gigX/X displays the redirect url but o...

Hi All,   Could someone please assist how long does it take to apply patch on Cisco ISE (distributed environment). We have 1 PAN, 1 SAN, 3 PSNs running 2.1 Thanks.

Hello all,   Do we support migrating an ISE server to Azure cloud? Also, there is a requirement that servers that reside on Azure cloud must use DHCP which is obvioulsy not supported by the ISE at this point.   Is there any documentation you can poin...

Hi,   Any idea to check an endpoint that is using static IP instead of DHCP using ISE posture/compliance check?   Thanks Wing Churn

Hello,I understand in ISE, repeated RADIUS requests can be suppressed under Administration>System>Settings>Protocols>RADIUS.  Screenshot attached.  Are there plans to extend this suppression capability to TACACS?The scenario is customer runs a monthl...

Hi,   Due to compliance/posture check using third party switch, Auth VLAN has been deployed and some of the endpoint is using static IP. What is the best way to predeploy AnyConnect profile for known discovery host - PSN automatically, considering Au...

Hi I'm running into an issue with interim accounting and ISE. I have WS-C3650-48PD (03.07.05E) NADs doing 802.1x/MAB with ISE 2.3 patch 2.   802.1x/MAB works fine but the ISE Active Endpoint total always looks a little on the low side. The NADs are c...