Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1047
Views
15
Helpful
3
Replies

SDA Trustsec Issues

Go to solution
mattw
Level 1
Level 1

‎11-10-2022 09:45 AM

Hello!

I'm setting up a new SDA environment for a customer. They have DNAC 2.3.3.5, ISE 3.1p3, 9500 borders running 17.6.4 and WS-C3650-12X48FD edge switches running 16.12.3s (currently only 2x test edge switches).

I noticed in the ISE RADIUS live logs there are multiple CTS errors for both switches (see attached).

Looks like the switch is trying to communicate with ISE using an unsupported SSL/TLS version which is causing the handshake to fail?

Any idea where I go from here?

I checked Settings > Security settings and these are set to (what I guess are) their defaults: TLS 1.0 and SHA1 ciphers disabled and everything else enabled.

Many thanks in advance!

Matt.

Preview file
1138 KB
Preview file
62 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ahollifield
VIP
VIP

‎11-10-2022 09:48 AM

TLS 1.0 is required for TrustSec

View solution in original post

3 Replies 3

Go to solution
ahollifield
VIP
VIP

‎11-10-2022 09:48 AM

TLS 1.0 is required for TrustSec

Go to solution
mattw
Level 1
Level 1
In response to ahollifield

‎11-10-2022 03:12 PM

Hi @ahollifield,

Thank you for confirming. I did end up enabling TLS 1.0 which kicked it into life. Seems bonkers in today's day and age??

0 Helpful

Go to solution
ahollifield
VIP
VIP
In response to mattw

‎11-11-2022 05:14 AM - edited ‎11-11-2022 05:14 AM

Agree, it's a really common complaint among my customers.

Customers Also Viewed These Support Documents