Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
HiI ran into an issue installing the DigiCert TLS RSA4096 Root G5 onto Cisco CUBEs (running 17.9.5a). TAC resolved this for me and I though that I'd post the solution here.The pem file for DigiCert TLS RSA4096 Root G5 contains the word "quit". When p...
HiI'm using dynamic VLAN and TrustSec SGT assignment on Catalyst 3650s with ISE 3.2 patch 7.The authorization policies are working as expected but I'm seeing some anomalies in the NetFlow stats for the VLAN that clients are assigned to.The NetFlow st...
HiI'm using ISE 3.2 patch 7 - deployment was recently upgraded from ISE 3.2 patch 3.There is a policy set for wired CWA guest portal that has stopped working since the patching. The wired Guest flow used is inline with the image belowAfter the client...
HiI'm running into some teething issues with Cisco ISE RADIUS persistency on a Citrix MPX Netscaler.Configuration is pretty much in line with Cisco document below.https://community.cisco.com/t5/security-knowledge-base/citrix-netscaler-cli-configurati...
HiI'm using a 3rd party signed certificate on ISE 3.2 patch 3 for EAP authentication.This certificate has 2 Alternate Certificate Chains. ISE currently has the top path/chain installed in its Trusted Certificates store for chaining the EAP certificat...
HiHave you had a look at this thread regarding Windows 11 using TLS 1.3? It has a link to another thread showing how to disable this on windows 11 clientshthAndyhttps://community.cisco.com/t5/network-access-control/ise-3-3-802-1x-eap-tls-tls1-3/td-p/...
HiThere's an old thread below discussing polycom dhcp issues with dynamic vlan assignmenthttps://h30434.www3.hp.com/t5/Desk-and-IP-Conference-Phones/Polycom-VVX-phones-on-an-802-1x-EAP-Enabled-Switch-fail-to/td-p/8793019Is seems to suggest that for m...
HiThe link below states:If the phone can’t communicate with the DHCP server on startup, the phone’s status bar reports Network Down. The phone communicates with the DHCP server every 5 minutes to acquire an IP address or for lease renewal.https://doc...
Hithe thread below discusses how windows 802.1x supplicant detects a vlan changehttps://community.cisco.com/t5/network-access-control/dynamic-vlan-behavor/td-p/4589001The output you posted shows that you are using mab for the printer - does the print...
HiIs the printer getting an IP prior to authorization? If so, the printer will retain this DHCP lease even if its nic is bounced.I've seen this behaviour across all printer vendors.Try reducing the DHCP lease time of the landing VLAN to a matter of m...
