About bikespace

bikespace · 05-31-2014

Hi all, Is it possible to issue a port bounce during guest flow process? After dynamic VLAN allocation I need to bounce the port so that DHCP renew is performed on the new VLAN. Doesn't seem to port bounce at present, but I'm guessing that the port ...

bikespace · 03-19-2014

There used to be a facility to add the secondary ISE admin node to the licensing so that there weren't problems when the primary fell over. I licensed a primary and secondary yesterday for base in this way. When I filled out the advanced license in t...

bikespace · 08-13-2013

Hi Folks,Well I thought I was pretty happy with licensing, and what I understood was:1. Licensing is based on number of concurrently active users.2. An advanced license is used if an endpoint is allocated an authentication profile based on a rule whi...

bikespace · 08-03-2013

Hi all,I'm fairly happy with backups and restoration on the admin node, but not done much with the monitor node.I think a while ago, I backed up a monitor node and restored it, and seemed to go ok, apart from the gap in logs while you're actually doi...

bikespace · 06-05-2013

I'm just playing about with ISE 1.1.4 and critical auth, but I have a fairly locked down default access list on the ports. Is there any way of overriding a very restrictive default access list in the event of a critical auth situation?It seems like i...

bikespace · 05-28-2015

Licensing is trust basis. Shouldn't affect you. It's not great but Cisco don't do a lot of the licensing side well. Until Cisco sort that and enforce the licensing you will be fine.The very worst they could try not to support you when you raise a cas...

bikespace · 05-11-2015

Absolutely! Such a disappointing solution. You'll notice this question is skirted around. You can use EEM scripts to add lines to the pre auth acl but it really feels like a bodge. Obviously you'll have to remove these lines too. Feature request ne...

bikespace · 04-17-2015

Your external router needs to have a route for the 195.x.x.x address via your device.

bikespace · 03-03-2015

I'm going to state this so that someone from Cisco can try to correct me: dynamic VLAN is not a viable solution for guest access with CWA!!!The marketing and sales guys might tell you that it is, but with a massive variation of devices connecting wit...

bikespace · 03-03-2015

In your authorization policy you are giving your Wired-Guest the same result as Wired-Webauth.First time through you don't know he's a guest so he hits Wired-Webauth and gets redirected. Second time through, you have him in guest flow, so you know he...

Member Since	‎12-13-2005 10:07 AM
Date Last Visited	‎08-18-2017 04:03 AM
Posts	83
Total Helpful Votes Received	35

User Statistics

User Activity

Port bounce during CWA process

ISE Secondary licensing

License usage

Backup of monitor node 1.1.4

Critical auth and restrictive access-list

Licensing is trust basis.

Absolutely! Such a

Your external router needs to

I'm going to state this so

In your authorization policy