Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello,
I'm looking for a way to configure automatic posture reassessment using AnyConnect client on workstations every X minutes.
This is required to ensure that the workstation is compliant and if a change to the posture policy was made it would be ...
Hello everyone,
I was wondering if there's a way to force authenticate/authorize a specific endpoint (or group of endpoints) using ISE GUI in case of a failure or t-shoot needs.
For example, let's say that the CEO's workstation is not passing 802.1x ...
Hello,
I'm having struggles with Windows 10 machines authentication process which is based on client certificates.
Before I will elaborate on the errors I observe, I'll share the configuration of components along the way.
Windows 10 configuration:
...
Hi guys, I'm planning to migrate my ACS deplyoment to ISE, but I have some questions regarding the deployment model I should use. My topology is the following:1 - central site3 - customer sites The central site acts as the primary ACS, while all othe...
Hi guys,
I was wondering if there's an option to download all the MIB's of a specific N3K model - C31128PQ.
I know there is an option to run snmp-walk but this is not an option right now.
In that case I'd like to get a clarification, because based on Cisco's documentation it fits our needs.
If not PRA, what do you recommend beside of API?
Hi, thank you for your reply.
I believe that there must be a way to send the same re-authentication command using GUI - under Context Visibility > CoA Reauthentication.
The problem is that it is only valid for endpoints having an active session with ...
Hi @techno.it ,
1 - Sounds fine and that it covers to your system requirements and restrictions. You dow however need to make sure to open all relevant firewall policies and ensure sufficient bandwidth for nodes intercommunication.
2 - PAN nodes supp...
@Arne Bier thanks for introducing me Vanilla ISE! I never heard of it before and after seeing the video presentation I understand that it is quite close to what I was looking for and that I can actually develop something on my own for our different n...
Thanks for confirming this optional solution. I was hoping to find a more intuitive built-in solution such as other NAC vendors provide. Several disadvantages I think of are:
1. I will need to be in much more control over these identity group and the...
