At around the 28 minute mark you show we need to use a DACL as part of the posture redirect. Then around the 37 minute mark when you start creating the Authorization policies, a DACL is never referenced. Can you please explain?

Maybe i missed it but could you show your Switch ACL config

No Good Have a Voice Over

Thank you, Thomas. Very nice presentation.

Could you please share the content of the PowerShell script you used for the Domain Join condition? Also, what is ISE looking for from the executing that script? How did ISE determined that the endpoint satisfied the Domain Join requirement?

I have a question about the EAP-TLS method using the user certificate . how that certificate is generated ? does it manually add to device or it automatically push ? Anyone have idea for that?

'Promo SM' 🎉

keren om videonya 💯

fantastic video! very detailed and easy to understand. thank you for posting!

Great explanation. Thanks

Thanks. Can you also create a video where you show how to output logs to elasticsearch / openobserve? Should be relatively easy since ISE already uses Elastic?

A lot of great information. Thanks

Subscribed! I'll check out your videos. I've recently been given a project to implement NAC with cert auth using ISE as the authentication server and I don't know anything about ISE. I hope I don't blow up my whole environment. Trying to learn everything I can so I am successful. Thank you for investing your time into this video to share with us amateurs who are just trying not to take everything down.

Why isn’t this native in SNA?

Thanks Keith, this video has been very useful.

I can access ssh but I can´t access the ISE GUI. I verified the "Application Server"´ status is "running" (PID 23914). Can you pleae advise

Nice job. Invaluable session.

I have been hunting for this for three days straight, gone through a lot of headache especially on the redirect and dACL. Most tutorials seem to point back to Airspace ACLs,, will be trying out this method. This should work. Thank you so so much.

Can I add MikroTik by Radius?

Thanks for the vivid explanation! understanding the concepts matters

Is there a video to show how MFA is implemented with CAC and username/password on a Cisco Switch?

Is there a video to show how MFA is implemented with CAC and username/password on a Cisco Switch?

How can I change corporate ssid name with ISE?

34:37 probably the removal of "client exclusion policies", also removed the client from the temporary blocking list.

Thank you, very helpful! Suppose you're configuring a group of read-only users and only allowing show commands, not allowing configure terminal, should it matter whether aaa authorization config-commands is in place since they can't access global config mode anyway?

Great video - Thanks!

Great video. All of the ISE videos have been fantastic..

So new to this never really ran into this software before but have used cisco all my career, and had a juno router early in my IT career. So got any tips or tricks for why this is recommended / needed?

Very nice! Thank you

can i upgrade from ACS 5.8 to ISE 3.3 ?

I have customers who are using ISE with a PSK, and now I would like to have them use 802.1x with EAP,. What would be the first things that I need to do???

Thanks for this.

Thank You! Great brain dump. WS capture and going in depth on auth. Us O.S. NetEng's are ripping their hair out and still validating success with CLI.

I hope I can crack the interview based on cisco ise by watching this video

Nice Presentation helped alot.. subscribed !!!!

@33:13 where discussing using environment variables. Wouldn't this be the responsibility of Cisco ISE Ansible modules to support looking where creds are and not dependent on the version of ISE you are running?

Can't get this to work in ISE 2.7, any tips?

Hey Thomas, not sure if you'll see this, but I enjoyed the presentation. Well done! As an added benefit, I got a good laugh on some of the things that didn't go right! :) Thank you.

what about the health check tab on the interface ? where can I find test outputs ?

This is a well done introduction to IBNS 2 . Thank you Keith.

Will configure WMI work again? Test is failing though it states configuration completed OK. Appears it broke after a patch or Windows 2019, etc?

no sound?

Thanks a lot! Best video for a quick overview!

PAN server related for making policy 9:12 PSN server, making the ise enforcement 10:44

Great presentation, 1 question though. Does it mean ISE is not a suitable solution for offshore environments with latency being more than 300 milisec as you mentioned?

do you have an update to this. ie 2.7 or 3.0 with out the wizard?

it's Alice, not Mary 🤡

Are there any validated design guides for this yet? Particularly demonstrating best practices in having ISE nodes behind an Azure Load Balancer (with all it's limitations).

Is it possible we do "Dynamic VLAN assigment" for WIndows 10 devices Managed by Intune ? example : HR ppl login to onpremies wired LAN and get assigned to VLAN 10 only . similarly do segmentation based on Azure AD groups .

really? you guys couldnt have someone to speak and some background music?