About dgaikwad

dgaikwad · ‎03-05-2019

Yes, these are some good documents to get started. Thank you!

dgaikwad · ‎02-26-2019

Hi There, I was to setup and test Easy Connect in my lab setup. But not sure where to start from, could anyone share some documents and use cases for this kind of deployment? Thank you!

dgaikwad · ‎02-21-2019

Yes, the Ad Block was the issue. Turned if off for the ISE server and then was able to run all fine. Thank you!

dgaikwad · ‎02-20-2019

Hi, I am running test instance of ISE 2.4 with patch 5. When I am trying to add to AD to external identity sources, the box is not populating here. (The box that comes post clicking Add) But, if follow the same steps on my remote machine (which is closer to where ISE instance is running) the box is loaded. Any ideas?

dgaikwad · ‎02-19-2019

Thank you! This has cleared the usage for these commands.

dgaikwad · ‎02-19-2019

Hi All, I see that when configuring the posture policies, all the conditions that I specify will be evaluated based on AND operation. But, what if I want to specify condition based on OR operation? This is because I have a requirement, where I am checking for Windows Defender as well as presence of another anti-virus running on the computer. The posture policy that I was able to, where I am checking if, presence of Windows Defender as well as another any anti-virus. But, I am not able to figure out a way where, say, Windows defender is not running and but another anti-virus is present on the client.. then the policy that I configured above will still be false.. Would this work, if I keep Windows Defender check as optional and any anti-virus as mandatory?

dgaikwad · ‎02-19-2019

Hi Experts, There is this command, access-session host-mode, used while configuring the port for 802.1x authentication. The command has, option for multi-domain and multi-host... So, if use multi-domain, then in that case, it will only allow one data and one voice connection on the port, correct? And if I use multi-host command, then in that case it will allow voice and data, as well as many other clients to connect? (suppose I connect a hub to this interface, and then connect multiple clients to this hub. Will then each of these clients will be authenticated separately?)

dgaikwad · ‎02-18-2019

I went through the document, but it still did not answer my question regarding setting up CWA using new-style of commands. I am looking for such a document that gives pointers to commands of configuring the switch using C3PL for CWA and Dot1x

dgaikwad · ‎02-15-2019

Hi Experts, Seems that Cisco will be moving to using C3PL more and more. I was going through the following documentation to learn more about new-style of configuration here This documentation does explain how to get to do this C3PL configuration for dot1x and MAB. I was looking for some more examples on configuring posture and CWA from the switch. Could anyone please redirect me to some more articles that talk about posture configuration and CWA using this new-style of configurations and use of the new-style commands.

dgaikwad · ‎02-14-2019

Recently I was testing the application of patch 5 to 2.4. I chose to do the patching using CLI. I applied patch 5 to the secondary PAN first, the patch got applied without any issues, and the node is still connected to the cluster there has been no error reported. The questions it that, when I am creating a cluster ISE asks for every node to be on same version and patch level. But, when I chose to apply the patch to a node in a cluster there was no check made! Is this an acceptable behaviour or am I missing a crucial step here? Any pointers?

dgaikwad · ‎02-13-2019

The value for Max pxGrid Subscribers: Is this count of a number of pxGrid applications that I am integrating with ISE? Like Stealthwatch or IBM QRadar?

dgaikwad · ‎02-13-2019

Hey Guys, I would like to know how many nodes could I have with pxGrid persona in a distributed deployment?

dgaikwad · ‎02-11-2019

Well, that makes sense... Thank you for all the inputs...

dgaikwad · ‎02-11-2019

Yes, that was the same method that I followed and it was a success. Issue closed.

dgaikwad · ‎02-11-2019

Hi Jason, I was able to resolve the issue with the integration. It turned out to be a configuration issue, I followed all the suggestion provided here in this Document

dgaikwad · 05-09-2019 12:12 AM

Hello There,We are setting up a lab, integrating QRadar and Cisco ISE with pxGrid.With this configur...

dgaikwad · 04-16-2019 12:32 AM

Hi There,There is an option on ISE where it could be used as a radius proxy server.I am quite curiou...

dgaikwad · 03-22-2019 12:14 AM

Hi All,I have this following requirement,Two ISE (ISE01 and ISE02) servers installed. ISE01 will act...

dgaikwad · 03-19-2019 12:48 AM

My concern was that, if it has already checked for AV install, then in the definition check its agai...

dgaikwad · 03-18-2019 12:18 AM

Yes, when the user logs off, there is one authorization profile is used. Basically, when machine pas...

dgaikwad · 03-18-2019 12:15 AM

There are two conditions to check if Symantec anti-malware installed, for ver 12 and ver 14.These tw...

dgaikwad · 03-15-2019 09:34 AM

Hi Experts, There is this requirement that I am testing out at a client. We are using NAM to allow m...

dgaikwad · 03-15-2019 09:26 AM

Hi Experts, I created two conditions, one to check installation of AV and second one to check the de...

dgaikwad · 03-14-2019 04:02 AM

So, if this client is being used, then there is no chance of running posture checks using ISE?Can it...

dgaikwad · 03-13-2019 04:33 AM

Hi Experts, I am looking for some details over the integration and working on Pulse Secure Client wi...

dgaikwad · 03-12-2019 03:07 AM

Was able to resolve the issue. Had to add the entire subnet in the redirect ACL on ASA for JAMF clou...

dgaikwad · 03-05-2019 04:52 AM

Yes, these are some good documents to get started. Thank you!

dgaikwad · 03-05-2019 04:41 AM

Hi Experts, I am trying to configure the following use-case and its flow is as follows: 1. If the us...

dgaikwad · 02-26-2019 12:49 AM

Hi There,I was to setup and test Easy Connect in my lab setup. But not sure where to start from, cou...

dgaikwad · 02-21-2019 11:14 PM

Yes, the Ad Block was the issue. Turned if off for the ISE server and then was able to run all fine....

Date Registered	‎09-14-2016 02:06 AM
Date Last Visited	‎06-19-2019 12:40 AM
Total Messages Posted	173
Total Helpful Votes Received	16

Re: Deploying Easy Connect

Deploying Easy Connect

Re: Unable to add AD in external identi...

Unable to add AD in external identity s...

Re: ISE post configuration using comman...

Using posture conditions

ISE post configuration using command - ...

Re: new-style commands for central web-...

new-style commands for central web-auth

Patching nodes

Re: Number of pxGrid nodes in distribut...

Number of pxGrid nodes in distributed d...

Re: Push two authorization profiles in ...

Re: Addition of a PSN

Re: ISE and SMS gateway integration, er...

pxGrid and automatic quarantine

Radius proxy use cases

ISE as an LDAP server

Re: Anti-Malware installation being checked twice

Re: Performing posture assessment once a day

Re: Anti-Malware installation being checked twice

Performing posture assessment once a day

Anti-Malware installation being checked twice

Re: Integration questions: Pulse Secure Odyssey Access Client and Cisco ISE

Integration questions: Pulse Secure Odyssey Access Client and Cisco ISE

Re: Configuring JAMF + VPN + ISE

Re: Deploying Easy Connect

Configuring JAMF + VPN + ISE

Deploying Easy Connect

Re: Unable to add AD in external identity sources