Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi, I'm trying to use GCM-AES-256 with Catalyst 9300 and MACSec. Tested with default MKA policy that uses GCM-AES-128 and everything works fine, it gets authenticated with ISE and I can see MKA session secured in switch. When changed encryption algor...
Hi,
We are working with an end customer to register their recently bought licenses for Base and TMC (Threat, Malware and URL filtering) features on FPR. He is using a Satelite server (CSSM on-prem) to activate Smart Licensing to all of his Cisco's pr...
Hi, We have a an ISE working with dot1x and mab for user authentications, but it looks its not working with posture process when trying to reach a switch via MPLS, even with firewalls with "permit any any" in both directions for ISE and switch. AnyCo...
Hi, I have a switch that recently was updated to version 16.9.5 and since then users were rejected from network. Every user has same problem and log: Switch 1 R0/0: sessmgrd: Authorization failed or unapplied for client (001f.b532.aeb0) on Interface ...
Hi, We are deploying ISE 2.6 with patch 2. We deployed one site to work with Anyconnect 4.5 and Anyconnect 4.7, it worked fine with EAP-FAST, AD and Posture (only Anyconnect 4.7). End customer needs time to upgrade Anyconnect 4.5 to 4.7, that is the ...
Hi,Thank you for your help, I needed to move AV condition as AM condition to use it as 4.x version, since AV conditions are available only for 3.x. When applied and shut/no shut to user interface now Posture Status is "NotApplicable".
Hi, Thank you for your help, Is it required to point to provisioning portal even when clients there will not download installation packages? Or even if it is not provisioning portal? Thanks a lot.
Now both machines works in wired 801.x authentication. I see the same problem is present in wireless network, it shows same behavior, requires login to user and looks like NAM doesn't use machine for both user and machine authentication. This time in...
I think the problem is the register, we tried with a machine with register modified to allows unencrypted secrets and it works. But the other machine is not modified.
