Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello,
I have an ISE 2.2 p9 deployment. domain1.com AD joined to ISE and working well for our users. Another domain2.com is also connected to ISE as we use 2-way trust between domain1.com and domain2.com.
domain1.com uses PEAP - this is our organiz...
Hello,
I have an ISE 2.2 p9 deployment. domain1.com AD joined to ISE and working well for our users.
We have a new requirement where users of domain2.com will visit our offices, use our SSID and must be authenticated by our ISE. For this 2-way trust ...
Thank you very much @Surendra, it started to work after importing the CA cert. From security perspective, am I supposed to do AD lookup too after the EAP-TLS machine/user cert check goes through?
Whats the best practice?
I am blanking at the mome...
I can confirm that yes all ISE nodes needed to speak to the other domains as well. We had a firewall blocking the access, as soon as it was allowed authentication with the other domain's AD started working well.
