![]() ![]() ![]() RADIUS: NAS-Port-Type is equal to virtual In the policy stipulates the conditions, I put the condition as below.Ĭondition: DEVICE: Device Type Device Type #All Device Types #Dial - in access EQUALS AND We use the ISE 1.3 to authenticate remote users. Thanks again in advance, and sorry if this is a silly question.Ĭurrently I'm deployment anyconnect VPN Solution for my client on ASA 9.2 (3). How you guys do this in your deployments? So what to do now? I really need to create a temporary SSC and make the admin/EAP certificate, remove the current certificate, and then create a new CSR? There must be a way better and more important to do nondisruptive. Now, after 10 months or two (if the certificate is valid for one year) I want to renew the certificate of admin/EAP ISE.Ĭreation of CSR: I can't use the $FQDN$ like CN, because there is still the current certificate (CN must be unique in the store, right?) "Ģ.) sign CSR and certificate of bind on the ISE node - done Here's the thing that I do when I install initially an ISE nodeġ.) creation of CSR on ISE (PAN) - CN = $FQDN$ and SAN = 'name of FQDN as well. Maybe I'm asking a rather stupid question here, but anyway :)Ĭurrently, I think about how renew a certificate admin/EAP on a node of the ISE and the effect on the endpoint authentication. ![]() Renewal of certificates Cisco ISE Admin and EAP ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |