Hi, is ISE going to support SHA256 to do SLO in the next releases?Right now we have this info:"For this to work we need to set the secure hash algorithm to SHA1 instead of the default SHA-256.This is set in ISE relying party trust properties under ad...
This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other troubleshooting best practices.
Forum Posts
Resolved! NAD profile for Avaya
Hi team,We have a potential large Customer for ISE, this Customer deployed a mix of Cisco and Avaya Switches, I do not find a NAD profile for avaya switches in the following page : ISE Third-Party NAD Profiles and ConfigsDo you have any profile for a...
We have a client whom authenticate WiFi clients using AD credentials. This is, WLC pointing to ISE as a radius Server, and the latter is looking up in the AD Tree.They are moving all their services to SSO authentication using ADFS, and they are askin...
Resolved! ISE upgrade from 1.3 to 2.1
Hi Champs!A quick question: We are running ISE 1.3 and would like to upgrade.Is there any stable version we could upgrade to?I see we can directly update from 1.3 to 2.1, but not to 2.2.Is it a good idea to update to 2.1?We are running ISE in distrib...
Resolved! Issue with ISE AuthZ Policy
We have an issue with ISE selecting the appropriate AuthZ policy based on the device NDG name. A customer has 200+ locations, with each location having a specific code to specify the geographical location / building / floor. Their business requireme...
Hi, I would like to monitor ISE 2.2 processes via SNMP. I know that in the Admin Guide we can use SNMP traps for that - however it is not working so well. I tried to bring down ISE processes with 'application stop ise' command. However I am not g...
Hello Everyone, I have ISE server, and I wanted active directory an user block or ban on ISE server. thank you for the assist
Hello, I am looking to update my ISE 2.1 installation from patch 2 to patch 6. Can someone please point me to documentation that outlines the correct procedure for accomplishing this in a distributed deployment scenario? We have 2 admin/monitor...
Hi, We have a certificate expiring next 17th. We need to generate .CSR again in order to sign this CSR our CA. The problem is that when we try to create this .CSR we receive this error: In the past, we created .CSR without problems. Why are we g...
Hi team,Customer is migrating from ACS to ISE. They need to create a secondary host IP address (/32) or loopback on ISE to provide an access to. Is it possible to do it? Thanks,Alexey
Resolved! PAN and MnT: move to new DC
Hello,In a distributed deployment with Standalone PAN and MnT in HA we need to move all of them to new DCs, PSNs will remain as they are.Which is the recommended procedure?1.- Remove nodes from the system, e.g. secondary PAN and MnT, change hosts IP ...
Resolved! ISE posture - supported SCCM versions
hi team,do we have any official statement about the supported versions of SCCM client/server for ISE+AnyConnect posture?Also I would like to confirm if SCCM Express updates are supported for the posture flow.Thank you in advance!Anastasiya
Hi guys, are there any options to export or get an user/password list from ACS 4.2 internal database??. I have used "csutil.exe -u" but I have had only got an users list but not their associate password for migrating to another environment
Hi all,We are piloting wired 802.1X but have hit a snag - FlexConnect AP switchport configuration requires the port be configured as trunk, with the native VLAN for management and access VLAN(s) for client data.I know 802.1X cannot be configured on t...
Hi team,I have a use case where the customer has an open SSID used for guest and they are using CWA with ISE. Because this is a public place, when people walk by, their cell phones will automatically join the SSID; however, very few people actually h...
