Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi all,I have my ISE cluster deployed in Microsoft Azure and I have spent for over a week to troubleshoot a certain issue that I'm having. Unfortunately it seems that Azure is causing this and I'm wondering what everyone does to mitigate this. The is...
Hi all, I have configured my ISE setup to validate certificates against a external OCSP responder but I do not get it to work. The 802.1X certificates that my supplicants are using are issued by the external CA and my ISE setup has this certificate ...
Hi all,I'm trying to setup ISE to perform a simple MAB profiling for a printer. For some reason ISE rejects the printer the first time I connect it:Event5400 Authentication failedFailure Reason15039 Rejected per authorization profile I am using an au...
What you can do is pointing a supplicant to test with to a specific PSN node and then run packet captures across your network path. You can track them by using the identification field field in the IP header (e.g. wireshark: ip.id == 0x66c4). Look i...
This is still going on and I think it is not going to change. I'm facing the same issue and reached out to Microsoft about this, the basically said the following:1. If out-of-order fragment reordering is needed, Azure can only enable this with the f...
I have tried to do this with wired zebra printers, using eap-tls to authenticate them against ISE. I had a range of different models of Zebra printers and my observation was that that some models (mainly the newer ones) worked but that the older ones...
So, I have basically packet capture'd the whole path (where I could). At the last hop of our infrastructure I've captured the interface on which the Express Route is terminated and I have also captured the next hop, which is our firewall in Azure. So...
little update here - I am in touch with Microsoft now but they claim that they can only enable this flag for traffic that is originating from the internet to a public IP. We are using a Azure Express route so that is not the case and they claim tha...
