Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,
we are using for the VPN access the ability of HostScan to gather the BIOS ID. It works. Only the allowed PC's BIOS ID are able to connect to the ASA. But some of the new laptops with UEFI bios does not return any value for BIOS ID option.
Some o...
Hello,
do anybody knows what kind of bugs this patch fixed ? If you click on the link provided by Cisco (release notes) you just see the submenu "bugs or fixed in this release". But If i change the search button to fixed in this release, nothing app...
Hello, We have set for some Sponsor group the possibility to not "view Guest password". Then we enabled "Send SMS notification". - We would like to limit some sponsors to not be able to see the Guest password, but have the possibility to send the cre...
Hello,we had two ASA with IPS SSM 10 sw 7.1.6. Automatic signature update failed. (Last attempt was more than 70 days). I tried to update IPS manually (sometimes it hapenned) . From IME (7.2.3) I saw warning message: I tried update from CLI = same r...
Hello,
we are facing the same problem. Ikev2 , Anyconnect and the EAP-MSCHAPv2 authC method.
Its sad, that Cisco is not able to authenticate the IKEv2 clients (MSCHAPv2) on the routers with the ISE/ACS combination at all. The only possible way is th...
Thank you for your answer. If we summarize it - ASA with HostScan and LUA are "good tools" for checking of the endpoint. ASA attribute (send via RADIUS to ISE) except the attribute mdm-tlv=device-mac= are useless. Yes, possible solution is the postur...
Hello,
My question is regardless to integration between ISE and ASA VPN. Cisco ASA from version 9.2 is able to send to ISE some of the endpoint’s attributes via RADIUS protocol. (mdm-tlv=device-platform, mdm-tlv=device-type=, mdm-tlv=device-mac=, md...
Hello Jason,
thx for the information. I got the message from TAC. We have opened the case related to this thread two weeks ago.. Now we got at least some tiny progress
Jason, thanks for reply. We know that the customer MUST sometimes upgrade the ISE deployment. But first at all Cisco told us weak DH cipher will not be resolved in 1.2.......
Anyway, I spoke about hotspot portal due to no u/p required for access and ...
