Network Access Control

Multi-Auth on 2960x

Hi, I try to configure a 2960x for mac authentication with Radius. For now I need only MAC authentication, no voice vlan, no different vlan´s. I just want to restrict access to the network to predefined MAC addresses. In single host mode it works w...

Resolved! ISE assigning Framed IP addresses from ODBC

Hi,Is it possible to assign a framed IP address to an endpoint while getting that IP address from an ODBC database (MS SQL) ?Thanks!

ACS 5.8 Multiple NICs

Hi, I was wondering if someone could advise about the ability to add additional NIC's to an ACS 5.8 system running in VMWare. I am looking to restrict traffic coming in from a secondary interface for Wi-Fi devices sending RADIUS requests and keep...

AAA in cisco nexus

Hello all, I have Nexus5548 device with AAA configure and everything is working good. I know that if AAA is working we cant login using our local credentials. now my request is i want both. in ordinary cisco switches\routers i have configure below...

cisco ASR1001-X port-channel

Hello everybody, I am installing Cisco ASR1001-X with the software asr1001x-universalk9.16.03.04.SPA.bin. Apparently it supports only 64 port-channels (1- 64). Is there anyway to extend this range? Cheers David

Resolved! 802.1x BYOD security problem ?

Hello, we currently allow BYOD users to authenticate via 802.1x using their AD username/password. My question is regarding the following scenario: - our users have no BYOD device on-boarding i.e. all they have been told is to connect to the BYOD SSID...

Resolved! CWA Portal in Distributed Deployment

I am facing a similar issue described in the below discussion, I couldn't find any answers to the question, hence posting again https://supportforums.cisco.com/t5/aaa-identity-and-nac/ise-2-1-0-474-issue-selecting-certificate-group-tag/td-p/300305...

Resolved! IPv6 DACL support on 3750

Hello,I would like to know whether IPv6 DACL is supported on 3750, using ISE 1.4. I know that ISE 1.4 supports IPv6 DACL using Cisco AV pair cisco-av-pair = ipv6:inacl#1=<IPv6-ACL-LINE-1> but would like to know whether 3750 switch supports it.Thanks.

Resolved! command authorization by ISE

Hi,I deploy an ISE for tacacs server and command authorization is used to control which command sets are allowed to execute for different privilege level.Users in "FMC-admin" AD group will assigned to privilege 15 by shell profiles and permit to exec...

Resolved! ISE PIC and Firepower Integration

Team,If ISE PIC is configured to only receive identity information via syslogs. If I configure ISE PIC to send these syslog learned identity information to the Firepower Management Center, will the FMC be able to create policies based on these ident...

Resolved! POV Threat Centric NAC using Qualys with Cisco Identity Services Engine (ISE).

GuysI am currently working on a POV for Cisco Threat Centric NAC using Qualys with Cisco Identity Services Engine (ISE).As you know Qualys integration does not use Cisco platform Exchange Grid (pxGrid) for ISE integration, instead it uses Structured ...

Public portal cert not trusted on iOS devices

On ISE 2.3 Patch 1, I'm running into an issue where only iOS devices don't trust the Digicert signed multi-domain portal certificate. Windows 10, Mac OSX 10.13, and Android don't have this issue.

Resolved! ISE 2.1 TC-NAC with AMP

In ISE 2.1, after the third party vendor account for AMP is created, the connection is established but after a while we see that the account becomes unreachable. I have tried reloading the ISE and redoing the integration but often observe that the co...

Resolved! FMC and PassiveID with ISE

Hi,According to the Firepower manual one must configure ISE to report only dot1x active logins when authenticating both user and machine, for PassiveID to map username correctly in FMC. However, I cannot find where to configure this in the ISE manual...

Resolved! Freeze Pane Feature for ISE 2.2 Radius Live Logs?

Good morning everyone!I was wondering if anyone can help me lock the top column/header in the Radius Live Logs section so it stays above the data when scrolling through the logs. Is this possible? It seems counter-intuitive to have the header locked/...

Network Access Control

Forum Posts

Multi-Auth on 2960x

Resolved! ISE assigning Framed IP addresses from ODBC

ACS 5.8 Multiple NICs

AAA in cisco nexus

cisco ASR1001-X port-channel

Resolved! 802.1x BYOD security problem ?

Resolved! CWA Portal in Distributed Deployment

Resolved! IPv6 DACL support on 3750

Resolved! command authorization by ISE

Resolved! ISE PIC and Firepower Integration

Resolved! POV Threat Centric NAC using Qualys with Cisco Identity Services Engine (ISE).

Public portal cert not trusted on iOS devices

Resolved! ISE 2.1 TC-NAC with AMP

Resolved! FMC and PassiveID with ISE

Resolved! Freeze Pane Feature for ISE 2.2 Radius Live Logs?

Congratulations to the Event Top Contributors Class of 2024!

Cisco + Splunk: It's a new day for your data.

A new chapter of the Spotlight Award begins!

Join us in Celebrating the New Year and the Nov.-Jan. Winners!

Announcing Resources That Guide You to Success

ISE BYOD machine authentication 3.1.0.x

ISE and Entra ID with 1 certificate for multiple usecases

Cisco ISE 3.1 WLC Captive Portal - AUP Error Apple Devices

.

"Change Password" functionality

Cisco ISE and MacBook

CiscoISE policy applying on switch problem

15024 PAP is not allowed

Cisco ISE: Sponsor decide duration by Approval

ISE - Sponsor Approved Guest Access