Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,We've upgraded from ISE 2.4 to 3.0 Patch 2 via backup & restore method to a staged v3 deployment, however upon the Restore completion a purge rule was enabled [disabled in the backup of v2.4, enabled out of box in the v3 for an unknown reason]. Th...
Hi, I'm trying to understand the behaviour of the ASAv with AnyConnect Client SSL encapsulation and DSCP markings. When encapsulating traffic destined to a remote AnyConnect SSL Client, does the ASAv preserve the DSCP markings from the original packe...
Hi Is it possible to use the BYOD Apple Mini Browser flow with dual SSID BYOD differentiated portal set up documented by Hosuk Won in the (great) prescriptive deployment guide here:https://community.cisco.com/t5/security-documents/cisco-ise-byod-pres...
Hi I am trying to implement an 802.1x network in foreign/anchor setup, with an ISE web-auth redirect for devices in the “blacklist” endpoint group.My foreign WLC WLAN is doing the RADIUS auth and accounting requests, and the Anchor WLC WLAN has RADIU...
Hi, With AnyConnect 4.7, is it possible to apply an equivalent of the always on VPN “connection fail closed” policy to a Management Tunnel / User tunnel setup? I’ve been testing the new mgmt tunnel feature, and have found that in a captive portal neg...
Better late than never - Cisco TAC confirmed the bug was fixed in Any Connect 4.8.01090 - we tested and confirmed the issue was resolved 9/1/2020 - forgot to update the thread, start of 2020 was busy for all of us!! Hopefully this may help someone ru...
Still back and forth with TAC, but it transpires that what we are trying to do is NOT supported.TAC believe it relates to this bug / enhancement request: “import the BYOD Devices to MY Devices portal manually” it is addressed in the below Enhancement...
Thanks Arne; they can be but our implementation has different endpoint groups based on use-case/context (and purge requirements Haha!!) We now have a case open with TAC, they suspected what we are seeing is an existing bug but it’s not quite the same...
I noticed this post in relation to a similar need, Jason Kunst replied with export / import process for ISE 2.1, but as above it doesn't achieve what we need.https://community.cisco.com/t5/network-access-control/byod-export-registered-endpoint/m-p/34...
