About BlackDiamond71

BlackDiamond71 · 05-13-2025

I have Cisco ISE setup using IBNS 2.0 but without Radius DTLS and CoA seemed to work fine. I converted it to Radius DTLS and when I did that, I can no longer do CoA commands via the endpoints page of Cisco ISE. I included the names of the trustpoints...

BlackDiamond71 · 05-06-2025

I am using Cisco ISE and have Radius DTLS configured on my cisco switch using the IBNS 2.0 template. I have a GPO set to push out the Supplicant and have the following EAP settings "Verify the server's identity by validating the certificate". I have ...

BlackDiamond71 · 05-02-2025

I noticed a couple things in the IBNS 2.0 Template that gave me a little pause. Any help would be much appreciated.1) I noticed in Cisco 9300 Version 17.12.04 this command does not work. Is there any recommended commands to use in place of this one? ...

BlackDiamond71 · 04-29-2025

I've configured the IBNS 2.0 template on my cisco switch and have tested and got everything working, I just noticed they don't use Radius DTLS. I was going to go through the process and modify the config to use Radius DTLS, I'm just wondering if anyo...

BlackDiamond71 · 04-24-2025

I have Cisco ISE setup to use radius via our cisco switches and 802.1X configured on the user's machine. Everything seems to work fine, but when I login with our LAPS user account, LAPSUser (For this example), it won't properly apply the policy set b...

BlackDiamond71 · 05-05-2025

Most of the ports on the switch would need this. Essentially I am thinking from the end user perspective. This will happen rarely, but if they bring there laptop and connect it to another desk where a laptop was previously just working I would like i...

BlackDiamond71 · 05-05-2025

Under the authorization profile > Advanced Settings > I set Idle-Timeout=60. This seems to work. Is 60 a good value? And doing it this way is there any issues that could arise?

BlackDiamond71 · 05-05-2025

Disregard, wrong page

BlackDiamond71 · 05-05-2025

Yeah, Didn't see anything in there. Unfortunately this is causing funky behaviors without it reauthenticating. For example, I have a phone plugged into a laptop and everything authenticates. I unplug the laptop and plug in a different laptop while th...

BlackDiamond71 · 05-05-2025

So for the template, do you recommend using "subscriber aging inactivity-timer 60" and not the other two commands? Also, any idea what I would use for "authentication timer inactivity server dynamic" if it isn't working in 17.12.04?

Member Since	‎04-21-2025 09:00 AM
Date Last Visited	‎05-09-2025 12:53 PM
Posts	17
Total Helpful Votes Received	1

User Statistics

User Activity

Radius CoA not working

Network Supplicant - Verify Servers Identity

IBNS 2.0 Template Settings

Cisco ISE - IBNS 2.0 & Radius DTLS

LAPS with Cisco ISE

Re: IBNS 2.0 Template Settings

Re: IBNS 2.0 Template Settings

Re: Network Access Control - inactivity timer and reauthentication

Re: IBNS 2.0 Template Settings

Re: IBNS 2.0 Template Settings