Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I am looking for experiences from others who have done a migration from Cisco NAM to Windows Native Supplicant. Especially if you use it for wired devices doing EAP-Chaining with EAP-TLS for both machine and user. I acquired an ISE environment tha...
I am trying to get a better grasp on how these should be properly setup because I feel our current config is not. We use NAM (will move to Windows Native/TEAP in the future) with EAP-FAST/EAP-TLS and EAP-Chaining. Currently, our top two Authorizat...
ISE is still a learning thing to me. We do not have any wireless, only wired. Our windows workstations use NAM to authenticate with EAP-FAST and EAP-TLS and we also do EAP-Chaining. Right now, we are always having to take the authentication config...
Our ISE environment only authenticates wired connections and passes VPN authentication from our ASA firewalls on to our Active Directory. One of our VPN firewalls gets brute forced hit pretty hard. Luckily it is with attempts with usernames we don'...
Our guest VPN got hammered over the past month with rogue scanners and it took our endpoint count from 40k to almost 900k, purging by inactive hasn't seemed to help because it hasn't been that long. All the ones I want to delete are showing up on ou...
To add more context, I am attaching the two error that pop up from NAM when a new user logs in. They basically just toggle back and forth, you hit ok on one, and the next message pops up, hit ok on that one then the next message pops up. Then the cy...
Hi Greg. I put in my original post that I do have a test switch setup with limited-access Authorization Policies that only my test switch can hit and they do hit it in this situation and ISE and the policies do what they are supposed to do. I will ...
Sorry i am just now getting back to replying. I mentioned in my original post that I do have a limited access Authorization Policy set up that only my test switch can hit and said it does hit it. To be more precise I have one for when the system i...
Yeah, that's what I figured. ISE kind of got dropped in my lap to take care of about 2 years ago. Even before that, we had other companies come in and take care of upgrading it for us and just giving us whatever extra we needed (i.e. switch config,...
