Several times, I run into the question if there is an option to “automatically” change the guest HotSpot access code at a given interval (lets say daily) and I came up with the following solution: ISE API + Python + Task Scheduler Steps: Enable API on ISE Create Python Script Configure Task Scheduler Enable the ERS APIs The ERS APIs are...
Here is how I usually configure NEW-Guest-Endpoints purge policy and options we have. Administration > identity Management > Settings > Endpoint Purge ElapsedDays—Number of days since the object is created. For every day purge: “Elapsed Days less than 1“: This should work for brand new endpoints, but what if you implement this purge rule after ISE has already learned the MAC...
Every ISE deployment project includes this question from the client: What if dot1x is enabled on the supplicant and not on the NAD and vice verse? Supplicant – Configured, NAD – Not Configured:If 802.1X is not enabled or supported on the network access device, any EAPOL frames from the client are dropped. If the client does not receive an EAP-request/identity frame...
Trying to update Posture got the following error message: “Remote address is not accessible. Please make sure update feed url, proxy address and proxy port are properly configured”. Solution:Check cisco.com certificate and add intermediate certificate to the ISE trusted store:
Recent Comments