Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have a Meraki WAP that is generating alarms in ISE for COA Failure and the event is 5417 Dynamic Authorization Failed. The Access Point is connected to a Catalyst 3850 running IOS-XE 16.6.4a and we are running version 2.6.0.156 Patch 3 of ISE. The ...
We are rolling out the wired 802.1x configuration to our switches and we currently have authentication configured as open to prevent any issues while we tune our ISE implementation. We consider our Guest network to be out of scope of our ISE implemen...
We are in the process of deploying ISE 2.6 Patch 3 and are using Cisco AnyConnect Network Access Manager for EAP Chaining. We have ran into a a situation where whenever no user is logged into the machine it becomes unreachable (no ping, VNC, etc.). I...
I have a Unity Connection cluster with 1 Subscriber. I would like to decommission one of the nodes due to a corruption in the database which is causing a constant split brain scenario. Is there a procedure to follow to properly decommission the node?...
We have 2 FTD 2110's in a HA pair and upgraded the FMC and FTD cluster to 6.2.3.13 (build 53) and when the the first FTD rebooted it no longer communicates with the FMC. I found in the event log that it appears that events are being blocked between t...
This is just wired Guest endpoints and we don't do any authentication we simply have a VLAN configured with an ACL that only allows access to the Internet. The guests are all on the same endpoint across several switches.
Thank you so much! The issue was the DACL which I didn't event think that I had applied anywhere but clearly I had somehow managed to do just that. I really appreciate it and I have made adjustments to the DACL and now I am able to connect to the mac...
I don't think that I have a DACL assigned to that Authz Profile. My DACL config is:permit udp any eq 68 any eq 67permit udp any any eq 53permit ip any host <DNS SERVER IP>permit ip any host <DC IP>deny ip any any
switchport access vlan 11switchport mode accessswitchport voice vlan 64switchport port-security maximum 5authentication event server dead action authorize vlan 254authentication event server dead action authorize voiceauthentication event server aliv...
