05-04-2018 11:34 AM - edited 02-21-2020 10:55 AM
I'm attempting to import network devices into ISE 2.4.
Following the template found in https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/admin_guide/b_ise_admin_guide_24/b_ise_admin_guide_24_new_chapter_01001.pdf
The documentation says that Authentication:Protocol:String(6) is optional and the only valid value is "RADIUS".
My import is failing with the message: Failed Value for attribute Protocol is mandatory
Putting TACACS in that field is rejected.
Putting RADIUS in that field is accepted, however then I believe I need to manually edit each device to uncheck Radius (I have tens of thousands of devices so this is not very practical).
Any suggestions?
Solved! Go to Solution.
07-12-2018 06:17 PM
Hi Kevin,
I might be late to the party.
I suspect that this could be caused due to the bug in ISE 2.3/2.4 described in the below link :
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvj13401
A workaround has been defined in the link which is to remove "FALS" under "Enable Multi Shared Secret:String(128)".
Hope that helps
08-11-2019 08:13 PM
I never EVER post anything on the Cisco forums, however this time I'm going to.
Why is isn't this the answer that's marked as the solution?!?!?!
Thank you sir!
08-11-2019 10:29 PM
01-17-2019 12:42 PM
I had the same issue. I found a bug that has the fix action. I have pasted the results of it below for those that don't have a CCO account. Removing FALSE from the field listed below fixed the problem for me.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide