About SzantaiNorbert

SzantaiNorbert · 12-02-2025

Dear All, We are trying to integrate JAMF Pro with our Cisco ISE 3.3. Based on the documentation it's pretty straightforward, but it seems that it can be only used while connecting on WiFi using certificates. If we are connecting via VPN, ISE is stil...

SzantaiNorbert · 01-21-2025

Dear All, Starting with Secure Client 5.0 we have the ability to automatically select a certificate based on the template identifier:https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/Cisco-Secure-Client-5/admin/guide/b-cisco-secure...

SzantaiNorbert · 05-15-2024

Dear All, I was trying to create a script that will list out every authentication/authorization policy that has 0 hitcount, but it seems that the OpenAPI returns 0 hitcount for every policy set. ISE is 3.2 with P5If I am using ISE 3.1 it's working fi...

SzantaiNorbert · 04-30-2024

Dear All, Is it possible that ISE Posture conditions are not managable via API? I could not found them neither in the ERS API Guide nor in the OpenAPI Guide. Regards, Norbert

SzantaiNorbert · 02-24-2023

Dear Community, Does anybody know how the audit posture conditions are evaluated? Based on my understanding the audit conditions should be used to determine if a condition is good to go before changing it to mandatory. Right now we have 2 mandatory a...

SzantaiNorbert · 01-05-2026

Just FYI, for me the microsoftonline.com was enough.

SzantaiNorbert · 12-02-2025

It’s certificate-based, but the certificate is only presented between the client and the ASA. Between the ASA and ISE it’s RADIUS, which is why we can’t see the certificate details there—only the RADIUS username. Why ASA: we’re not using any features...

SzantaiNorbert · 12-02-2025

Hi, VPN headend: ASA 4100 with 9.22 latest interim.No, we are doing authention and authorization as well.Regards, Norbert

SzantaiNorbert · 12-01-2025

Hi Maher, I am using ASA 9.22, but the SAN-DNS field is not available in the username-from-certificate command. What version you used during the tests?Regards, Norbert

SzantaiNorbert · 09-15-2025

We had the same problem in our network, and turned out that "aaa authorization console" was enabled in the switches. Turn it off and the logs will disappear.

Member Since	‎04-05-2018 03:15 AM
Date Last Visited	‎01-16-2026 10:25 AM
Posts	29
Total Helpful Votes Received	6

User Statistics

User Activity

ISE <-> JAMF Posture integration

Secure Client Template Identifier

ISE OpenAPI Policy hitcounts

Posture Condition via RestAPI

Posture validation in Audit mode

Re: Secure Client VPN Always-On – Allow Hosts for SAML Authentication

Re: ISE <-> JAMF Posture integration

Re: ISE <-> JAMF Posture integration

Re: Secure Client computer cert username

Re: "async" user Bombing ISE. why ? and how can I block it ?