Network Access Control

We are using a netscaller to load balance radius requests to our PSNs nodes for 802.1x.  When I go from a cisco switch directly to the PSN nodes it works fine.  When we try to pass it through the LB we get the "5440 Endpoint abandoned EAP session and...

Hi,   My customer has two different ISE clusters used for MAB (one in US, another one in EU). They would like to authenticate US devices visiting EU. The idea was to rely on an identity source sequence, if the MAC was not in the EU internal id store,...

Hi community!I was wondering, I'm using eap-fast with the unprotected identity as anonymous but I see that there are many failed authentications with this user in every authenticationReading documentation it says that I need to append the domain in t...

My customer uses Sponsored Guest Access for their Guest management with Cisco Wireless. They want to move to self service with email verification, however, the challenge they faced in the past is that any authorized approver is able to see and approv...

Hi all,   I have a maybe basic question about SGACL-enforcement locally on access switches: Let’s assume I have two access-switches within a L2-deployment (Access-Switch A and Access-Switch B). On Access-Switch A User_a is being authenticated, he get...

We have purchased 3650 new switches 40, configured 5 switches per stack with total of 8 stack switches to be exact and all of them comes with IOS-XE 16.3.x. but I am having issues getting all switches to work with CWA and 802.1x.    I tried upgrading...

Hi everyone,I have a problem,in July I did an upgrade of my ISE from 1.2 to 1.3 and from 1.3 to 2.1 and finally from 2.1 to 2.2 and I applied your patch 3 of this last versión. All it work ed good after that I did upgrade, but one week after I saw th...

Hello,We are performing an EAP-Chaining ISE rollout and are running into the Windows 10 LSA issues where the computer name is encrypted and, as a result, fails authentication.What are the current Cisco recommendations to address this Windows 10 and C...

We have an ISE Guest cluster with PSNs having 2 interfaces. One interface receives the radius request and the other interface receives the web redirected traffic.   WLC----internal-network-----PSN---------------router   During failover testing we shu...

We have an ISE Guest cluster with PSNs having 2 interfaces. One interface receives the radius request and the other interface receives the web redirected traffic.   WLC----internal-network-----PSN---------------router   During failover testing we shu...

I'm in progress of deployment of an ISE solution for my customer and last week within couple hours we noted steep increase in Authentication Latency from 3-5ms to 500-600ms. First of all we checked config  logs and there was no changes to the ISE wit...