Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I don't believe cisco's Prime UC apps can do this, so I'm wondering if anyone is aware of any intelligent 3rd party monitoring system out there for Cisco Unified Communications Manager. I'm looking for a full fledge monitoring application for Cisco U...
Documentation and books refer to allowing TCP/UDP ports 8905 and 8909 to the ISE servers in the AGENT-REDIRECT ACLs to make sure NAC agent can be prvisioned, be controlled by ISE and allow keepalive traffic. My question is if this all applies only to...
With EAP-TLS, can a server and client be signed by different CAs? Say I want my client certs signed by Enterprise CA and my ISE server cert be signed by public CA? Is this supported with NSP EAP-TLS and AnyConnect EAP-FASTv2 with inner EAP-TLS method...
Say my client is connected to wireless network, and then I plug it in wired network. Both are controlled by ISE. Both will appear in ISE with different mac addresses. Am I going to burn two licenses in this case? What do folks usually do to overcome ...
I have a question about timezones in ISE 1.3 for distributed deployments across the globe. I've seen some comments/recommendations on not configuring timezone on ISE nodes when deploying in dispersed geography and just leaving timezone as UTC. I've e...
Hi Neno, about your statement:"EAP-TLS requires both a client and a server side certificate. Thus, if you are going to use a public CA for your server certificate then the client side certificates would also have to be issued by that same CA."Are you...
Aha! Yes, I did know about the restriction, that you need to put wildcard into the SAN. So, let me get this straight. I can potentially use a *single* public wildcard cert for all needs in ISE (admin, EAP, portals) and it should all work. The cert's ...
Hi Neno,have a quick follow up on your comment about using wildcard certs for EAP. Is the issue with the cert being the wildcard or begin the SAN cert? I was wondering if it's ok to create a single SAN cert with all ISE PSN names in it (without wildc...
