Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi I have upgraded to ISE 2.6 patch 4 and recently installed Patch 4 Hotfix. I noticed that a users in AD group for OWN_ACCOUNTS set to "Approve/View Only pending accounts assigned to this sponsor" don't see the approved guest account with One-Click ...
Hi,I have been able to change the Help link on the Sponsor Portal login and Account portal pages. However, I noticed that this change didn't affect the One-Click Approval page when the Sponsor clicks the Approve/Deny email. Under Portal > Manage & Ap...
My set up is foreign-anchor with ISE PSN for Guest in the DMZ. Replication/Sync is ok between the Admin node and Policy node in the DMZ. ISE version is 2.4 I am able to self-register and Sponsor approves. Guest then gets an Email, but is unable to lo...
Hello,I fully understand how ISE interface alias works for Portal services on non-Eth0. My question is regarding EAP Cert using Public CA. I will use the following scenario:ISE hostname = ise1.company.localEAP SAN = ise1-aaa.company.comInterface = Et...
Hi,
I have noticed that when the Access Time allowed is set for a guest type, it doesn't automatically set the duration period in the Sponsor portal account creation page under the Access Information column. I find this strange and not intuitive. Thi...
Thanks for responding, given that the post is old. Based on what you said, I guess that the CN would be relevant if a public cert with no SAN is used, which I’ve mostly seen used for guest portal, but for private domain, a DNS for a “generic” CN isn’...
@Damien Miller CN=ise.mydomain.comSAN=ise.mydomain.comSAN=node1.mydomain.comSAN=node2.mydomain.comSAN=guestportal.mydomain.com Based on the example you gave above, can the CN=ise.mydomain.com be a DNS Alias for PSN1 and PSN2 instead of an A record? ...
Hi @lazuardinurfaiz15 The commands for AIREOS controller is different from IOS-XE controller, so I can't help you on that. I merely pointed what may be your issue, as it's same as I had with an IOS-XE controller. You can do a show telemetry on your W...
Hi @lazuardinurfaiz15 Are you using CA signed cert on the DNA and using self-signed on the WLC or are both devices using self-signed?The error you have is similar to an IOS-XE controller such as 9800. It's either a certificate trust issue or the devi...
