Hi community, I'm into this issue where I configured ISE 2.0.1 no patch with anyconnect nam eap fast and nac agent. Not using ac posture because of licensing.

So, everything works ok, client provisioning and agent does pop up correctly and it takes a reasonable amount of time to check, which is ok for us. Today I installed a valid certificate, wildcard in CN, and all the portals seem to be working correctly, but when posture is avout to happen it will show a warning of "certificate unknown, do you want to proceed" I click yes twice and agent pops up correctly... The first time you install, it will show a warning with four options that includes yes, no, view certificate and more information. Clicking on view certificate shows the self signed certificate, even though the wildcard is installed and working in all portals. I selected multi-use when generating the csr.

Troubleshooting a little made me believe that the NAC agent is getting this issue because it tries to connect to ise through port 8905 but I can't seem to find where to associate certificate with this port. I already use it in the provisioning portal and 8443 redirection shows no error.

I believe this is a configuration issue as I have tried many nac agent versions with no luck. There must be something I'm missing.

Thanks in advance.