Network Access Control

Ask Me Anything- ISE Integration Insights

Welcome to the Cisco Community Ask Me Anything EventWe invite you to participate in our upcoming Ask Me Anything (AMA) conversation. Please submit your questions from Thursday, April 23, 2026, through Thursday, May 7, 2026. Our experts Miguel Martine...

802.1x and MAB authentication using a Workgroup

Just wondering what is the best way to test 802.1x and MAB authentication using a workgroup without an AD or certificate environment.

ISE 2.3.0 Radius connection "hits" showing up under "Device Admin Policy" and not "Network Access"?

My device admin policy is only configured for TACACS. My network access policy is configured for Radius for my wireless network. I'm able to authenticate to the wireless network and when I watch the radius logs, it's showing the correct network acc...

CISCO ISE: how to configure a DACL with an IP adress ranges to apply on a CISCO ASA

Hi all, sorry, but I've asked this question a few days ago but my post is vanished. Is it possible to configure an IP address range within an DACL for a ASA55xx? I'm aware to use a dedicated subnet mask 'if possible' but is there any other way like a...

Resolved! Decrypt backup file using GPG keychain

How to decrypt an ACS backup file (.gpg.tar) using GPG keychain software? I tried decrypting the ISE backup file and it was successful, however decrypting ACS back up failed.

Cisco ISE. Windows Native Supplicant on VMware

HOw to configure VM Ware host, with WIndows 7 guest workstation to do lab test of 802.1x authentication.I have created workstation and linked to the port on UCS, port connects to 3850 switch on access mode. how to test it? having problems with 802.1x...

ASA DAP functionality in ISE

Do we have a way to support a customer that is currently using DAP on ASA with ISE?The customer is using DAP to assign "Basic VPN Connectivity" ACL based on LDAP group, then provide additional access with a network ACL above and beyond if they are pa...

Resolved! Correlate the guest who is self-registering, to a sponsor group in AD

Team, I have an ISE use case where my customer would like to correlate the guest who is self-registering, to a sponsor group in an area of the country, or what my customer refer to as a Region. For example:Region 1 - DC , OR , IdahoRegion 2 - AZ, ...

Resolved! System name in ISE Reports

My customer has a few different requirements for reports to be generated within their ISE deployment.We need a report that has a list of all endpoints that failed posture and for what reason. We have been able to generate one that only contains the u...

Resolved! Cisco ACS 'enable' Authorization Requests AD Password

Hi Everyone, We have a subset of our infrastructure that uses shell profiles and command sets with ACS 5.x to authorize CLI users for different roles. The way it works is that the user logs in with their AD credentials, and then when they type '...

Resolved! ISE v2.3 Posturing Check for Windows

Hi All,Is it possible to create a posture check for a specific build of Windows 10? For example, is it possible to create policies to check if a user is using Windows 10 initial Revision followed by the following revisions:1709170316071511Thanks for ...

Endpoint group updates - recurring issue and possible feature request?

Hello,Hello, Please apologize the rant in advance. I'll try to be as constructive as possible.Once again I'm faced with a customer intending to do multiple manipulations off the guest portal regarding endpoint caching (remember me functionality), as ...

Resolved! ISE resource usage

I have a customer who is asking about the "resources" that ISE uses in a server (memory, drive, CPU) and why a 'larger' server is needed for ISE 2.4. Can anyone detail the 'behind the scenes' resource allocation that ISE needs/uses to justify the ne...

Cisco ISE support for TLS 1.2?

Hello, Does anyone know when ISE will support TLS v1.2?Does ISE 2.0 support it? Regards,David

Resolved! ISE2.4 consuming plus license for no feature enabled and attributes in authz policy

Hi Team,Customer running ISE2.4 with traditional base and plus license. Polices are configured for MAB and dot1x. Profiling also enabled and devices are getting profiled. It's an upgrade from 2.2.Policies have EAP-TLS, PEAP , AD groups and Endpoint ...

ASA live traffic monitoring

Hey Guys, How can I monitor denied traffic real-time? With "show conn", it just shows the accepted sessions, but I want to know if there is a source IP that sends traffic (even through IPsec tunnel) and get denied. Packet tracer is not handling live ...

Network Access Control

Forum Posts

Ask Me Anything- ISE Integration Insights

802.1x and MAB authentication using a Workgroup

ISE 2.3.0 Radius connection "hits" showing up under "Device Admin Policy" and not "Network Access"?

CISCO ISE: how to configure a DACL with an IP adress ranges to apply on a CISCO ASA

Resolved! Decrypt backup file using GPG keychain

Cisco ISE. Windows Native Supplicant on VMware

ASA DAP functionality in ISE

Resolved! Correlate the guest who is self-registering, to a sponsor group in AD

Resolved! System name in ISE Reports

Resolved! Cisco ACS 'enable' Authorization Requests AD Password

Resolved! ISE v2.3 Posturing Check for Windows

Endpoint group updates - recurring issue and possible feature request?

Resolved! ISE resource usage

Cisco ISE support for TLS 1.2?

Resolved! ISE2.4 consuming plus license for no feature enabled and attributes in authz policy

ASA live traffic monitoring

Bulk Update Fails for customAttributes - Is it supported?

UserPrincipalName not showing in ISE Log for certain user

CISCO NAM installation by iso generated by System Center

can i USE 2 CISCO ISE posture policy in same time with 2 Anti malware

High Response time for Entra ID TEAP with ISE

Certificate Services OCSP Responder nearly expired

ISE databases - which one has the endpoints?

port-based network access control for Data Center - 802.1x (yes or no)

Cisco ISE-V-3.3.X: CSCuj78705 >Schedule Report Attachment through mail

Trying to Upgrade a ISE 3.3 Ptach 9 to ISE 3.5 Patch 2 upgrade issues