Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Have anyone else noticed that all the new profiling policies provided by Cisco are configured to create matching Identity Group ?
The explanation from Cisco TAC is that this is how it is supposed to be, I just find it odd that suddenly all these d...
Wonder if anyone else experienced this strange thing 2 days ago.
Suddenly ISE decided to perform CoA on a lot of endpoints, some of them several times, some only once.All the endpoints were Cisco accesspoints, which in our setup results in a port-bou...
This actually turned out to be the issue. So after regenerating the kong certificates, we could login to the ISE CLI/console again and the webgui started up.
Hi Marcelo,
Thanks for the feedback. Yes, that probably ends up being the solution - but I surely hope Cisco/TAC are interested in finding the rootcause to prevent other users getting hits by the same issue
The deployment is only used for tacacs an...
Hi Ryan,
Sorry for waking up this old thread - but we might have hit the same issue as you, and I wonder if you ever got it fixed (and found the rootcause) ?
We upgraded from 3.2p6 to 3.3p4.
Issue shows up clearly using securecrt as ssh client, here ...
After a long session with TAC we ended up with conclusions/actions:
- We have changed the behaviour of profiling from port-bounce to re-auth, to avoid AP's and ip phones being reloaded in case of re-profiling.
- We have disabled automated profiler fe...
