Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello,
we have ISE 2.0 Patch 2 running (2.0 without Patch is the same behaviour).
We configured two Guest Portals, two Guest Types and two Sponsor Portals with two Sponsor Groups.
Each Sponsor group should only manage its own Guests and not see or ma...
Hello, when I authenticate an endpoint via ISE it shows as an "active endpoint".After some time (maybe one/two hours) the endpoint is not shown as active anymore although the aaa session is still active on the switch. In ISE it shows: DISCONNECTED (N...
Hello,I configured IOS device-sensor on one 2960CG-8-TCL switch. IOS is 15.2(2)E.Switchconfig:device-sensor filter-list dhcp list dhcp-list option name host-namedevice-sensor filter-spec dhcp include list dhcp-listdevice-sensor accountingdevice-senso...
Hello,we have placed the ISE in a DMZ. The NIC 0 is used for Administration of the ISE.The Switches send their RADIUS requests to the ISE via an out-of-band-management network which is connected to the DMZ though a Firewall.What if I want to use CWA....
Hello,let's take a look at this scenario. I have two Clients connected to a Switch each with a 1 Gig Link. The two Switches are connected via a 10Gig Link. Is the 10 Gig Link making the connection between the two Clients faster than having just a 1 G...
Hi,
yes you enter these commands on the two PSNs. In the CWA profile you uncheck the static fqdn box (so that it is NOT Static like in default profile). After that each psn will send the redirect url with these hostnames that you set on the cli of e...
You can also not use the static hostname but use a "ip host ..." setting via the cli instead to set a different hostname for the portal. This way you can have a customer url which is recognizable but there still would be two of them like guestportal1...
I think you need a Loadbalancer in front of the psn's which balances the radius request from the switches as well as the redirects for the clients and persists on the common session id. This way the PSN which got the mab request will also get the cli...
Ok. But what he is saying is:With IGMP snooping enabled and no querier (no querier, no PIM) the switch should drop all multicast packets because of igmp snooping and no known groups. It should not flood them. This is what the switch should do with IG...
Setting the certainty level higher does not help. I think this is not the problem.The problem is that ISE does not show the values that are beeing sent by device sensor. Look at the attached screenshots. The endpoint details should show all informati...
