Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello everyoneDoes anyone has an experience with ISE (3.x) configuration related to 802.1x for wired clients connecting to network where identity lookup in AD shouldn't be done?We have some specific use case for clients who are issued with certificat...
Hello.May I ask you if anyone knows what are the license requirements for successful migration from AnyConnect 4.x to Secure Client 5 from license point of view?As usual Cisco doesn't make it anyhow easy to understand and available Q&A section is qui...
Hi all,Though someone might be able to give me some better understanding about CDO features. I thought to be impressed by CDO but during testing my "whoa" effect has not arrived (yet) about CDO and it's potential.... Maybe just in points:Is there a ...
Hi all,I'd like to kindly ask you if you guys have any experience or even recommendation how to "modify"/"update" Wireless Guest portal running on ISE with additional login option for employees ideally "hidden" one.At the moment CWA is configured wit...
Dear all Does anyone face an issue with calling API to create Guest wireless accounts with Cisco ISE (we are running version 2.6 with latest patch#9).There are brilliant articles and pretty straightforward from Cisco and even here on community:https:...
I will be able to test hopefully next week, though SAN entry is natural choice as that is something our PKI is prepared for to specifically change for certain clients. Think I can use other certificate attribute like Certificate Template used which w...
I can give a try, though this would be quite unfortunate as Windows 11 are by nature manage through EntraID and therefore are not part of internal domain ISE uses for identity lookups...That is the reason why we are looking into verification of the c...
Hi, yes I have a client to test this policy with and I can always see in log details (steps) involving identity lookup which shouldn't be happening, to my understanding.Policy is quite simple.Policy matching criteria is based on Wired_802.1X using TL...
Hi @Rob Ingram @Cristian Matei My CAP is configured as per attachment and there is no option to "exclude" such AD lookup as far as I can tell..However, even though I can see in log entries that processing is trying to query domain for an identity che...
