Network Access Control

Hello all Is it possible adjust session timeout for Guest user  authentication  so the guest only have to authentication  every 24 Hours ?

I am looking to find some information on ISE update URL's:From ISE 2.2 Release Notes:   Client Provisioning portal — https://www.cisco.com/web/secure/pmbu/provisioning-update.xmlPosture portal — https://www.cisco.com/web/secure/pmbu/posture-update.xm...

Hello Team ,   For windows Patch management , enabling  the policy to check whether the Critical Patches are available on the desktops and are up to date or not . this   is not working as expected since it is relying on the SCCM agent information. Th...

Hi everyone, I'm trying to configure MAB on an access port. The device is a kiosk of sorts, so I have no interest in dot1x, only the MAB component. I believe I have everything configured, but when I show authentication session interface g1/0/22 it im...

Hi I am running ISE 2.2 .  We have a single ISE node setup with an FQDN ending with .local instead of .com. The problem is that when users try to access the guest portal. It prompts them and states that the certificate is untrusted since it is .local...

Hi Does anyone have any documentation around the benefits of ISE and Infoblox integration going into more detail that a marketing slide , even some case studies would be great ? Cheers Julia

Hello,Please suggest how to add more AD attributes to the radius live logs. We use ISE 2.3 for 802.1x authentication thru ActiveDirectory. Earlier I saw a lot of AD attributes in the live logs, for example "memberOf" fields, and they helped a lot to ...

Hi, i'm working in deployment of dot1x in my network and I need some recomendations and best practices.Main IDEA, in authentication:1 - Fisrt method dot1x:- Machine authentication with AD, native suplicant (using MAR)- User authentication with AD (PE...

Hi there, Have anyone encountered a situation where you don't have an AD (we use cloud based LDAP, not to mention it doesn't manage endpoints like AD does) and we don't want to use certs. So is there a way to authenticate machines against an ODBC sou...

Hello,I was wondering if anyone has had any issues with ISE 2.4 patch 7 after upgrading from version 2.3 patch 6?  I'm talking a direct upgrade and not a fresh install of 2.4 patch 7 from 2.3 patch 6.  Since I've upgraded, I've noticed alarms for lic...

Hi,Does anyone know how to use the external Database to manage the End point devices mac address for the iPSK?I have set up the iPSK with ISE 2.3, we would like to know how to use the external Database to store these MAC address instead of the ISE in...

Hi all, I've noticed a discrepancy about the number of max concurrent sessions that a Cisco ISE hybrid model can support. The numbers doesn't seems to match between the ISE community portal (https://community.cisco.com/t5/security-documents/ise-perfo...

We’re setting up AAA on 2 nexus 5ks.  At present, they are configured to authenticate against tacacs first, which if unavailable they will fall back on local authentication.aaa authentication login default group (companyname) localWhat we’re trying t...