This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
I am trying to configure ISE NFR (installed on vmWare) - I had to start from the only available NFR version 1.0 - so I first made upgrade to version 1.1.1(acording to release notes there should be no problem with stright upgrade) then applyed patch 3. Then I started to configure it through GUI. I found I am not able to create "New Allowed Protocol Service" - in
Policy -> Policy Elements -> Results -> Authentication -> Allowed Protocols
I tried te create new one - to be able to allow only EAP-TLS autentication for some authentication rule but whatever I tried I always got error message "Can't create new service" after click on <Submit>.
I just upgraded to version 1.1.2 but this issue is still there.
Has anybody been in the same situation? Any advice how to solve this?
Thanks for any help
Small note - I found workaround - now I am able to create new one by duplicating existing "Default Network Access" and then editing it to proper form - but
I just tried ths on my NFR image that I have upgraded up to 1.1.1 Patch 3 and I have no issues creating new authentication profiles. My guess is something went bad during your upgrade. I upgraded my in staged fashion: 1.0 > 1.1 > 1.1.1. Nevertheless, good job on finding a workaround. A long term solution would probably to get a fresh install.
Thank you for rating!
I haven't upgraded to 1.1.2 yet as I am traveling. However, the plan is to get it done over the weekend. I will post the results there. Although, I have noticed that the uprades can drastically vary based on amount of resources allocated to the VM. Mine is running on my local laptop in Virtual Workstation with minimal resources so upgrades take forever