Activity in Security
Resolved! Dynamic vlan with Cisco ise
Hi All, Need your help to understand the scenario below. 1 building with two floors and each floor has Cisco switch and we want to implement Cisco ise role based access. Two groups HR and sales has been created in the AD which is integrated with ISE....
ISE posture issues
DearsWe have DNA Fabric environment with Cisco 9800 WLC and ISE 3.2 integrated with it, endpoints Windows and MAC OS are using Anyconnect Client posture module (version 5.1.10.233) , on our network we have Quarantine subnet and Production subnets for...
Conversion (ASA to FTD)
Cisco ASA to FTD on Firepower hardware FPR1010! eplacing the entire operating system from ASA to FTD. trying to install an FTD image from a USB drive on their FPR-1000 but can't see the USB when using the show flash: or dir /all the imge i have on th...
Cisco 9300 Borken pipe issue
Good evening I'm trying to upload a Firmware .bin to my 9300. When i push it shows 0% progression and just says Broken Pipe after the .bin I'm trying to push. Anyone have any ideas or suggestions?
Not working on Wifi devices
I have set up the OpenDNS on my router in the Broadband Connection (Ethernet). I was under the impression that it would solve all my unsafe web search problems. However, all wifi devices (ipads, etc) are still able to access sites I want to block.D...
Secure Client VPN Always-On – Allow Hosts for SAML Authentication
We’re using Azure SAML authentication with Cisco Secure Client, and are planning to enable Always-On VPN. Since the VPN client must reach Azure SAML endpoints to complete Single Sign-On, we need to add the relevant URLs to the Always-On allow host li...
AD users/groups group name cannot be empty
Hello! Can someone help me with this, please? "I'm having an issue when trying to synchronize Active Directory in the FMC; it's detecting empty groups. After validating all the included groups, I found some empty ones and they have already been remov...
Is ISE 3.4 stable for production?
Hi,We're currently at ISE 3.1 patch 10. We intend to upgrade to ISE 3.4 patch 3 which is marked as suggested version now in Cisco's download portal. Since we've had many problems even with suggested software versions, I don't value a star in a Cisco ...
ISE-PIC licensing with Cisco Firepower
We recently updated our Cisco Firepower FMC and ASA sensor to version 7.X and realized the the User Agent software is no longer supported. I've been researching this and it seems that the new alternative is to use the ISE product. We have active supp...
Resolved! Can PSNs in a deployment use different EAP Auth cert/CA chains?
We run a distributed ISE deployment with 2x PANs, 2x MNTs, and 6x PSNs (two spare). We want the two spare PSNs to terminate 802.1X/EAP with a legacy server cert/CA chain, while two other PSNs keep the modern cert/chain. NADs/WLANs will be scoped so c...
Cisco ISE 3.3 patch-7
Good morning technology people,Has anyone applied patch-7 on your 3.3 ISE environment? I am almost 100% that this patch is NOT thoroughly tested by Cisco prior to releasing it. I have to patch my 3.3 patch-6 system in about two weeks (due to securi...
Resolved! Questions around Dynamic Attributes Connector - FMC integrated
Hi All,A few question around Cisco Secure Dynamic Attributes Connector (CSDAC).On a test FMC (v7.4.1), I've enabled the CSDAC integration and added build-in connectors for WebEx, O365 and Zoom, confirmed FMC is receiving feeds and corresponding Dynam...
3.2 cisco ise, after installation on VM. GUI not working
I am experiencing an issue with Cisco ISE 3.2 after installing it on a virtual machine. The installation process completed successfully, but I am unable to access the GUI via a web browser.
Secure Access vs Secure Connect
What's the difference between these two solutions? I'm very curious since they seem to serve the same purpose. When should we propose Secure Access, and when should we propose Secure Connect?
ISE profiling an IP range
HiI have a requirement to profile devices based on IP range. This is easy if my subnets are on octet boundries. So I can match the 10.10.10.0/24 subnet with startswith 10.10.10 and that works fine.However if my subnet is, for example, 10.10.0.0/20 ...
| User | Helpful Count |
|---|---|
| 202 | |
| 39 | |
| 38 | |
| 26 | |
| 20 |
