Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We’re implementing a script-based posture condition in Cisco ISE to check domain join status on endpoints.As part of this setup, we’ve added the SHA-256 fingerprint of the ISE PSN's portal certificate into the AnyConnectLocalPolicy.xml file on the en...
Hi everyone,We are facing an issue with Intune-ISE integration, where ISE is not recognizing managed phones (iPhones & Android) as registered and compliant, even though Intune shows them as registered and compliant Scenario:When an iPhone connects to...
Configured an identity group and assigned it to the Hotspot Portal in Cisco ISE.Issue: When an endpoint hits the Hotspot Portal, its MAC address is not being stored in the configured identity group.Instead, the MAC address is being stored in the defa...
We have an endpoint with a PEAP Ethernet profile connected to port 5 on a Meraki switch. We have also configured the 802.1X access policy on the Meraki switch and applied it to port 5.When testing the RADIUS server from the switch, it successfully re...
Yes, I tested that as well.I disabled one PSN in the F5 pool and even powered off the same PSN to ensure all traffic goes to a single PSN, but the issue still persists. F5 still doesn't forward the RADIUS request to the active PSN.
The F5 VIP is not sending the RADIUS Access-Request to ISE at all. In my setup, the F5 internal interface (10.2.2.30) is added as a NAD in ISE , so any traffic from F5 to the PSNs would appear as coming from that IP.However, on the ISE side, I’m only...
Yes, I ran a packet capture using Wireshark to trace the flow.From what I observed:The Meraki switch (10.1.1.293) is sending the RADIUS Access-Request to the F5 VIP (10.1.1.220).Separately, I also see the Meraki switch directly hitting PSN1 (10.2.2.4...
