About fcs-lingle

fcs-lingle · 04-01-2025

ISE is still a learning thing to me. We do not have any wireless, only wired. Our windows workstations use NAM to authenticate with EAP-FAST and EAP-TLS and we also do EAP-Chaining. Right now, we are always having to take the authentication config...

fcs-lingle · 02-07-2025

Our ISE environment only authenticates wired connections and passes VPN authentication from our ASA firewalls on to our Active Directory. One of our VPN firewalls gets brute forced hit pretty hard. Luckily it is with attempts with usernames we don'...

fcs-lingle · 11-01-2024

Our guest VPN got hammered over the past month with rogue scanners and it took our endpoint count from 40k to almost 900k, purging by inactive hasn't seemed to help because it hasn't been that long. All the ones I want to delete are showing up on ou...

fcs-lingle · 04-24-2024

Actually, I did post this in the Network/Switching forum. I guess someone with power thought it was better suited here and moved it. Which we both apparently disagree with.

fcs-lingle · 04-23-2024

My company has 4 Call Manager subscribers, two at our HQ datacenter and two at our colocation. We powered down everything at our colo this part Saturday because we are moving it out of state. Since then, we have had random locations having switch ...

fcs-lingle · 04-02-2025

Yeah, that's what I figured. ISE kind of got dropped in my lap to take care of about 2 years ago. Even before that, we had other companies come in and take care of upgrading it for us and just giving us whatever extra we needed (i.e. switch config,...

fcs-lingle · 04-02-2025

Did you ever find out anymore insight to this?

fcs-lingle · 04-02-2025

Truthfully, cert issues is usually only about 10-15% of the reason for the not authenticating, it is usually issues with the NAM needing to be reinstalled. And I am not sure I have seen an expired cert be an issue as of yet, sometimes there is two c...

fcs-lingle · 04-02-2025

That's my next battle....but regardless, I would still need the limited access dACL in place to address cert issues.But I am curious as to how many out there that just use ISE for EAP-Chaining/EAP-TLS purposes use TEAP over NAM. Any fuel I can add t...

fcs-lingle · 02-07-2025

Thanks for this. I would much rather us implement something on the ASA and take these hits off our ISE environment. We are running 9.16(4)71 on it already. I will lookin to this. Thanks again.

Member Since	‎04-24-2022 07:09 PM
Date Last Visited	‎04-25-2025 12:02 PM
Posts	21
Total Helpful Votes Received	6

User Statistics

User Activity

Looking for solution for access for workstations not authenticating

Policy Set to block specific IP address after a so many failed logins

Endpoint profile purge by Network Device Name

Re: odd loopback errdisable issue

odd loopback errdisable issue

Re: Looking for solution for access for workstations not authenticatin

Re: Turn off NTLM in ISE, Use Kerberos instead.

Re: Looking for solution for access for workstations not authenticatin

Re: Looking for solution for access for workstations not authenticatin

Re: Policy Set to block specific IP address after a so many failed log