cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1024
Views
15
Helpful
3
Replies

SDA Trustsec Issues

mattw
Level 1
Level 1

Hello!

I'm setting up a new SDA environment for a customer. They have DNAC 2.3.3.5, ISE 3.1p3, 9500 borders running 17.6.4 and WS-C3650-12X48FD edge switches running 16.12.3s (currently only 2x test edge switches).

I noticed in the ISE RADIUS live logs there are multiple CTS errors for both switches (see attached).

Looks like the switch is trying to communicate with ISE using an unsupported SSL/TLS version which is causing the handshake to fail?

Any idea where I go from here?

I checked Settings > Security settings and these are set to (what I guess are) their defaults: TLS 1.0 and SHA1 ciphers disabled and everything else enabled.

Many thanks in advance!

Matt.

1 Accepted Solution

Accepted Solutions

TLS 1.0 is required for TrustSec

View solution in original post

3 Replies 3

TLS 1.0 is required for TrustSec

Hi @ahollifield,

Thank you for confirming. I did end up enabling TLS 1.0 which kicked it into life. Seems bonkers in today's day and age??

Agree, it's a really common complaint among my customers.