Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi All,I'm configuring Cisco ISE policy sets according to this document:https://community.cisco.com/t5/security-knowledge-base/cisco-ise-with-microsoft-active-directory-entra-id-and-intune/ta-p/4763635/show-comments/trueIn that document when authenti...
Hi All,In Cisco ISE Self-Registered Guest Portal with "Require guests to be approved" option enabled, is it possible, that during registration visitor fill any employee email as sponsor email, then employee receive and approve guest access from that ...
Hi All,On Cisco WLC 9800 for Guest authentication external web portal authentication (non Cisco) is used. On web portal sponsor can approve for example 7 days for guest, however Guest wireless connection asks every day for authentication.I increased ...
Hi All,What is best practice of assigning IP addresses to Access Points: static or dynamic ? Please provide pros and cons for each one.For example consider deployment of 10 APs and deployment of 1000 APs.Thank you
Hi All,Switch port is configured for dot1x and mab authentication and default VLAN is guest VLAN.We want to block peer-to-peer traffic between guest hosts.What are possible solutions for this case? Thanks
Hi @Greg Gibbs Thanks for explanation. Without certificate Issuer/Subject in Authorization Policies all our tests were successful.However if there are some Policy Sets and if each one includes many Authorization Policies, certificate Issuer/Subject c...
Update: after increasing "Sleeping Client Timeout" more than 1 day, some users reported, that they had Guest connection in the next day without reauthentication.
Issue resolved!Firewall monitoring showed all SSH sessions allow, but actually security profile in firewall policy denied SSH at the end of backup process (~90%), because of so many parallel SSH sessions.
