Tagged: ISE

0

Cisco ISE: Update HotSpot access-code Daily

Several times, I run into the question if there is an option to “automatically” change the guest HotSpot access code at a given interval (lets say daily) and I came up with the following solution: ISE API + Python + Task Scheduler Steps: Enable API on ISE Create Python Script Configure Task Scheduler Enable the ERS APIs The ERS APIs are...

0

Cisco ISE Force Guests to accept AUP

Here is how I usually configure NEW-Guest-Endpoints purge policy and options we have. Administration > identity Management > Settings > Endpoint Purge ElapsedDays—Number of days since the object is created. For every day purge: “Elapsed Days less than 1“: This should work for brand new endpoints, but what if you implement this purge rule after ISE has already learned the MAC...

0

Cisco 802.1X Supplicant and NAD

Every ISE deployment project includes this question from the client: What if dot1x is enabled on the supplicant and not on the NAD and vice verse? Supplicant – Configured, NAD – Not Configured:If 802.1X is not enabled or supported on the network access device, any EAPOL frames from the client are dropped. If the client does not receive an EAP-request/identity frame...

0

Cisco ISE Posture Update Issue

Trying to update Posture got the following error message: “Remote address is not accessible. Please make sure update feed url, proxy address and proxy port are properly configured”. Solution:Check cisco.com certificate and add intermediate certificate to the ISE trusted store: