Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi experts,
We have a customer who is moving from ISE 2.1 to 2.4. They have identity rewrite configured for their ADs. When a user logs in with their ID and EAP-TLS has performed the identity sent from ISE is 'host/hostname'. ISE looks for 'host/h...
Hi Folks,
I am trying to create a virtual lab for dot1x and hence need to configure the N1k on the vsphere. I ve hit the following roadblocks and would be great if someone could help out.
Ive installed Nexus 5.2(1)SV3(3.15) on an ESXi 5.5(the on...
Hi Experts,
I am looking for some explanation on the below setup if this is indeed expected or as per design.
While running some tests on ISE I tested on a VM as well as a physical device and verified that the interface shows as UP if it has an ...
Hi Experts,
This is with reference to the question asked in the following link https://community.cisco.com/t5/identity-services-engine-ise/creation-of-secondary-ip-or-ip-loopback-with-32-on-ise/m-p/3523973#M8886
From what I understand we still c...
Hi Folks,
I have a quick query on compatibility for Etherswitch modules for the ISR. The specific modules I am interested in are
Cisco SM-X Layer 2/3 EtherSwitch Service ModuleCisco NM EX24ES1GECisco SM-ES2-24-P
I checked for these PIDs and thes...
Well, it's not about responding in a timely manner. TAC is on it and attempting the repro. I mentioned the case so that anyone interested can have a look. I started the thread to see if anyone else has seen the behavior or if someone from the BU can ...
Hi Hsing-Tsu,
Thanks for the reply. I agree it's not really necessary but its a necessity for this customer since they have a complex AD structure. They have 3 AD entry points out of which one is not trusted by the other. For them to look into the...
We did do a lot of testing for this. Apparently, when using an IDentity source sequence the first one always takes the machine auth format 'host\hostname' and all subsequent ones ISE identifies them as a user without this format. We tried multiple co...
True I agree but where im coming from is considering this is more of a security server i thought routing functionality is not really internally required. Considering there's no option to configure loopback interface im thinking the thought process co...
Hey Suri,
Yeah I actually did go through the doc thats where Craig pointed to the Cisco Live doc 3699. Im concerned about any other repecussions or design loopholes to look out for of having a secondary IP configured on ISE to accept TACACS+ reque...
