About drr

drr · 03-29-2025

Hi team, We have a hybrid on-prem/Azure environment but currently running ISE on-prem as a small deployment (2 nodes) as well as two load balancers. We are thinking about moving one of the ISE nodes to Azure and would like your advise on what approac...

drr · 03-27-2025

Hi team, We are using self signed certificates for EAP authentication in ISE and wondering if its possible to have one of the nodes sign both EAP-certificates for both nodes? The reason is to avoid deploying certificates for both ISE nodes to every c...

drr · 03-17-2025

Hi team, We've run into a strange problem we've never encountered before. We have deployed machine certificates from a Microsoft CA which we use for 802.1X auth.ISE system certificate for EAP auth is self-signed, and deployed as trusted on the client...

drr · 12-03-2024

Hello team, Anyone knowing which Secure Client version is compatible with Windows Server 2012 R2? Thanks!

drr · 11-29-2024

Hello team, With the new Secure Client portal and deployment, there is only an option to download the .exe file. Earlier, when installing Anyconnect, .msi was an option where you could choose to disable the VPN module. I want to do the same via the S...

drr · 04-06-2025

Hi @Greg Gibbs Was looking back at this case which helped me solve a case we had with a customer on prem. Thanks for all the help!But, now I have another customer running ISE on prem but want to move one of the ISE nodes to Azure. The challange for...

drr · 04-06-2025

Hi @thomas,Was looking back at this case which helped me solve a case we had with a customer on prem. Thanks for all the help!But, now I have another customer running ISE on prem but want to move one of the ISE nodes to Azure. The challange for this ...

drr · 04-05-2025

Hi and thanks for responding! As far as I understand, for the LB to work transparent, ISE need to route the traffic back to the LB for all the NADs. This is impossible since on-prem ISE is not in the same network as Azure LB. So how do you solve it...

drr · 04-05-2025

Hi and thanks for responding! As far as I understand, for the LB to work transparent, ISE need to route the traffic back to the LB for all the NADs. This is impossible since on-prem ISE is not in the same network as Azure LB. So how do you solve it?

drr · 03-29-2025

Thanks for the detailed answer Arne. The reason is that in this case, ISE servs several diffrent domains and CA issuers so we couldnt issue a certificate from a specific CA. However, we did setup a MS CA and issued a cert to the nodes as it was the o...

Member Since	‎02-25-2023 05:58 AM
Date Last Visited	‎04-11-2025 10:43 AM
Posts	27
Total Helpful Votes Received	2

User Statistics

User Activity

Cisco ISE hybrid environment

Cisco ISE CA best practise

EAP-TLS handshake fail - peer did not return a certificate

Secure Client compability

Install Secure Client without the VPN module

Re: Loadbalancer (NGINX) and Cisco ISE

Re: Loadbalancer (NGINX) and Cisco ISE

Re: Cisco ISE hybrid environment

Re: Cisco ISE hybrid environment

Re: Cisco ISE CA best practise