Buy or Renew
Buy or Renew
NOTICE: The community will be in READ-ONLY Sept. 6 – 9 to add Umbrella release notes and announcements. Learn more.

Network Access Control

Cisco Access Control Server (ACS), Identity Services Engine (ISE), Zero Trust Workplace
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Labels

Forum Posts

Start a conversation

Resolved! ISE Purge question

Hello All,Customer is asking this question, I have been researching but cannot find an answer.  Every day they automatically purge guest users that have been on for 30 days.  They are testing a device that needs Internet access for 60 days.  Is there...

danrush by Cisco Employee
  • 1199 Views
  • 2 replies
  • 0 Helpful votes

MACSec switch to switch with or without ISE

Hello,I have a question regarding Switch to Switch encryption.we are running ISE to secure a switch to switch connection with Macsec. (802.1x mode)Because of some issues with ISE (upgrade, maintenance) we lost the connections between the 2 swithes an...

REJR77 by Level 1
  • 1869 Views
  • 1 replies
  • 0 Helpful votes

Error disable ports with cisco phone and computer daisy chained together

I have a WS-C2960S-48FPS-L stack running software version  15.0(2)SE2  , I keep getting intermittent error disable on someports after configuring 802.1x on the portsPort configinterface GigabitEthernet3/0/37 switchport access vlan 101 switchport mode...

Resolved! ACS to ISE Migration - Required Appliances

Hi ISE teamWe have a case of an ACS deployment based on 3 SNS-3415 (Primary, Secondary, Logging) with approximately 5000 NADs.What would be the recommended number of appliances for this scenario if they want to migrate to ISE and upgrade the applianc...

sdfads by Cisco Employee
  • 693 Views
  • 1 replies
  • 0 Helpful votes

MACsec/TrustSec between Sets of Switch ports and Specific Host

We have a client that needs to be able to do secure Voice calling in a Cisco UCM Phones and a third Party device that unfortunately does not support Secure SIP.The thought is that MACsec /TrustSEC might be able to be configured so that the switch por...

Guest portal redundancy

here is my deployment workflow   User >> GUEST_SSID >> AAA to PSN1 >> Redirect user to FQDN Guest.XXX.org >> Configure DNS load balance to resolved FQDN to PSN1 or PSN2   Should this workflow work? or i should configure it statically as   User >> Gue...

ISE high CPU caused by user "iseadmin"and proc "jsvc"

process "jsvc" is causing high cpu over hours.sometimes cpu is going down, sometimes not, doesn´t depend on AAA traffic or adminSessions any idea, what could be the reason ?   thx in advance Plattform: ciscoSNS3495K9ISE Version: 2.2.0.470     PID USE...

Resolved! API to perform CRUD Operations on endpoints and groups of endpoints

Hello,  I am looking for a way to leverage ISE ERS so that the desktop support team could add mac addresses to various groups in ISE without actually logging into ISE as an admin.  We would like to make it as simple as them selecting a group and impo...

Resolved! ISE-Admin access: Extra condition with external Username "contains/starts" with "x" ?

Dear experts, while migrating some ACS solution,  our partner is challenged with an option, that exists in ACS 5.x, but seems to be hard to build in ISE.The goal is to trigger and authorize with an  "external AD membership", which is fine, but then a...

mvassigh by Cisco Employee
  • 868 Views
  • 3 replies
  • 0 Helpful votes

Resolved! PostgreSQL External Identity store

I followed this guide PostgreSQL -Configure ODBC on ISE 2.1 with PostgreSQL - Cisco   I have this set up on Ubuntu and I have pgAdmin4 up and running connected the database as well.  What I would like to do is set up groups or tables for mac addresse...

Resolved! Distributed Deployment with 1xPAN 1xMnT and 2xPSNs

Hi Team,Is it supported to have a distributed deployment with 4x3595 servers with 1xPAN, 1xMnT and 2xPSNs? In this case, will we get 40k as the maximum number of active endpoints?I've seen that we always recommend to have redundant PAN and MnT. I wou...

MACSec Switch to switvh with or without ISE

Hello, I have a question regarding Switch to Switch encryption.We are running ISE to secures a switch to switch connection with Macsec. (802.1x mode)Because of some issues with ISE (upgrade, maintenance) we lost the connections between the 2 swithes ...

REJR77 by Level 1
  • 632 Views
  • 0 replies
  • 0 Helpful votes

Resolved! The order in which DNS settings are changed.

HelloI'm running a Cisco ISE 1.4 at Dedicated deployment (separate PAN Primary/Secondary, MnT Primary/Secondary  and PSNs)I plan to change the IP address of the DNS server.When changing the DNS server settings with the CLI, is there an order? For exa...

Y_K by Level 1
  • 498 Views
  • 2 replies
  • 1 Helpful votes
View All