Cisco prime 2.1 / 2.2 support for Cisco ise 1.3 ?

Hi, I just tried to connect cisco PI 2.1 to cisco ISE 1.3, but fails.
I read the release Notes, only ISE 1.2 ist supported.
But I was wondering that the ssl handshake fails (I have done a packet capture). 
So PI 2.1 has not tried to connect to ise 1.3 via api, because of the connection fails at the ssl handshake stage.
Anyway, does anybody know if ISE 1.3 will be supported with PI 2.2 or a version of PI 2.1.x ?

Why doesn't the REST API communication in Prime 2.1 (2.1.0.0.87) support TLS? The platform itself seem to be able to handle TLS-DHE-RSA with AES-128-CBC-SHA. Why is it trying to use SSLv2 ?
These protocol is incompatible and very much outdated: http://en.wikipedia.org/wiki/Transport_Layer_Security#SSL_1.0.2C_2.0_and_3.0
Can this behavour be reconfigured in CLI or at least be allowed in ISE 1.3 to make a workaround until a working patch or upgrade is done? Could or should adding the Cisco Prime server as managed node in ISE circumvent the incompability?

Similar Messages

  • Cisco SF302-08P (SRW208P-K9-NA) Support for Cisco IP 7942 Phones

    Hi All,
    I am looking at quoting the SF302-08P for a client which will have three small offices interconnected via single mode fiber. I am planning on connecting them to a 3560 switch. Each office will have no more than 3 - 7942 phones. I reviewed the notes on this switch and it seems it should support this phone type without any issues. Could you advise if you have run into any support/reliability issues with this switch and the 7942s?
    Thank You,

    Hi RevereORL,
    My concern is there are;
    slight nuances or differences between the CLI configuration on the SG300 compared to the Catalyst range.
    I am also very very slightly concerned about post sales support interaction between TAC and SBSC, but these days there is much more cross talking between these two support groups.
    Different SFP SKU's for fiber connectivity GLC- series for catalyst and MGB series on 300, even though I have no issue with plugging the GLC SKU's into my 300 series product.
    The SF302-8P has a POE budget defined as 62W across all 8 ports or 62watts / 8 ports= 7.75 approx watts that can be drawn from each port.
    With the software upgrade to 1.1.1.8 the 300 series now also supports pre-standard POE as well as the 802.3af, power should not be a issue..
    I guess the beauty of buying from a distributor, and keeping the packaging, is that your can validate your application.
    Give it a try,.
    regards Dave

  • Cisco Prime LMS 4.1 - Support for Cisco Catalyst 3560-C Series Switches

    Hello together
    I have a customer which uses the following switch. Last year I have installed LMS 4.1 for him to manage the switches. Unfortunatly the switch model is not supported. According to the information found on the following site the switch is supported for most of the modules in LMS:
    http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/4.1/device_support/table/lms41sdt.html
    The oid object of the device is the following: 1.3.6.1.4.1.9.1.1465
    Supported Software: 12.2(55)EX (Customer has 12.2(55)EX3
    Version Support Type: Device Update
    So I updated all device updates I was able to find.
    Step 1: For that I went to Admin > System > Software Center > Schedule Device Downloads and created a job where I have downloaded the latest versions of all packages.
    Step 2: Installed the downloaded packages Admin > System > Software Center > Device Update and installed all the packages.
    Unfortunatly I don't see the same result like described in the Supported Device Table for LMS 4.1.
    - Cisco View -> works
    - Inventory and Config Collection -> works
    - Fault Monitor not working -> Error Code Unsupported
    - Network Topology Layer 2 Services -> Device Type ciscoProducts.1465, Symbol Question Mark
    - VLAN Management -> Doesn't work
    - User Tracking > seems also not to work
    When I open the report for supported devcies (Reports > System > Device Support) and search for C3560C... I find the following devices, but not mine which i need:
    C3560C-8PC-S     .1.3.6.1.4.1.9.1.1466
    C3560CG8PC         .1.3.6.1.4.1.9.1.1317
    C3560CCG8TC     .1.3.6.1.4.1.9.1.1318
    wsC3560CPD8ptS     .1.3.6.1.4.1.9.1.1368
    Does anybody have experience with the same switch type / model? Am I doing something wrong or is this type of switch not implemented correctly till now? Further the docuemntation supported devices would be wrong.
    Thanks for any feedback Erich

    Thanks but I just heard back from my Cisco SE and he assures me that an AP will NOT use up a license.
    I've asked him to verify his answer for me.
    Is your answer based on real world expereince (the best there is)?  That is, are you running Prime LMS 4.1 and does it indeed use up a license for each light-weight AP it discovers & manages?
    Thanks for mentioning options 1-3 but I do not wish to employ any of them.  I don't mind buying the additional licenses for APs ... I just need to know if I have to or not.
    Ian.

  • Cisco Prime Infrastructure 2.2 UCS support (C24)

    Hi,
    I recently upgraded a CPI 2.1 server to 2.2 hoping that it would support monitoring and managing a customer's C24 server. Unfortunately I hadn't read the Supported Devices list (http://www.cisco.com/c/en/us/support/cloud-systems-management/prime-infrastructure/products-device-support-tables-list.html) where it is stated that UCS C220 M3 and C240 M3 are supported, but none of the other models.
    When can I expect support for C24 M3 (OID:1.3.6.1.4.1.9.1.1685) and the other UCS models?
    Mikael

    Cisco just added the Compute work center and UCS support in PI 2.2. I suspect they used the C220 as a first target since that's the platform for the upcoming hardware appliance refresh.
    While they haven't announced future release plans, typically we see incremental device updates via the update packages - those have been coming out almost monthly with PI 2.1.
    I'd encourage you to submit enhancement requests via your Cisco account team if the feature is important to you. Customer feedback is one of the key elements in deciding what features the developers focus on.

  • Android tablets supported for Cisco Jabber for Android 10.5 ?

    Exist a list with tablets support for this realease ?
    In release notes only include smartphones.
    Anoher question, is about version android client, in google play exits a old version, but not 10.5, any reason for this ?
    Thanks in advance.

    The tab listed for support is " Google Nexus 10 (Android OS 4.4.x) ". Please refer to the following link for more information;
    http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/jabber/10_5/CJAB_BK_D6497E98_00_deployment-installation-guide-ciscojabber/CJAB_BK_D6497E98_00_deployment-installation-guide-ciscojabber_chapter_011.html#CJAB_RF_D3CF90B1_00
    Quoting the following link; https://play.google.com/store/apps/details?id=com.cisco.im&hl=en ;we have got the J4A 10.5 listed on the playstore.
    - please rate if this helps.

  • What to support for Cisco IP Phone 7912?

    dear all.  please help me!!!
    I have a 7912 ip phone, and using Cisco CME in 1760, but I do not see this type 7912 ip phone telephony service there. whether it was true ip 7912 phone is not support for the Cisco 1760 CME. and whether support for the cisco 7912 ip phone?  whether the telephony-service configuration is equal to the telephony-service configuration for the ip phone 7940?
    please help me  !!!

    Hi to all
    Please I ned some advice , I was try to reset to factory defaults a Cisco IP Phone 7912 and I was failed .
    Please can you help me ?
    Thanks a lot !
    Hugo Baez

  • Support for Cisco VPN "mutual group authentication"

    Hi,
    Does anyone know of support plans for Cisco VPN mutual group authentication in the built-in VPN client on MacOSX?
    Thanks,
    John

    I would like to know the answer to this as well.
    Thanks,
    Josh

  • Cisco Prime LMS 4.x IPv6 support

    Is there a document that describles the IpV6 support for LMS?

    It's not documented in any one place that I have found.
    Joe Clarke covered it in a post a post early last year. See here.
    Per the release notes, I don't believe LMS 4.1 has changed that significantly.

  • Are the SG500P SMB switchs supported for Cisco Network Assistant?

    Hi, we need to enroll some SG500-28P switches to a CNA? Is this possible? I suppose that CDP feature allow this. Actually, i have installed CNA Ver. 6.0. Thanks in advance.

    Hello Fernando,
    Thank you for visiting the Cisco Support Community! 
    Here is a list of all the devices supported by the Cisco Network Assistant for the 6.0 version and later. Many of the 500 series switches, including the SG500-28P Managed Switch, are supported by the CNA. This page will also give you any additional information you may need such as the features of the CNA 6.0 version, any system requirements, and more. 
    If this post was helpful, please remember to mark this question as resolved to help others in the community! If you have any further questions, please do not hesitate to ask!
    Best,
    LP

  • CLI support for Cisco SG100D-05 5-Port Gigabit Desktop Switch

    I would like to know if the SG100D series of switches support the CLI? If not what are the series of switches supported by the CLI.
    I am looking for an application where I need to tell which device is connected to which port on a switch. Hence I am looking at this option where I can run a script and use CLI to output the MAC id of devices connected on each port.
    Thanks!

    Hi Yiu Kay Lee,
    Thank you for sending me this document. It was very helpful. But I cannot understand one thing about it. Is it possible to extract the results from the CLI by passing a command via a script e.g. Python and get the results of it into Python?
    For e.g.
    ************Python script ******************
    >>print("send command to 200 series Cisco switch")
    >> results = show mac-addr-table
    >> print results
    Please let me know if such interfacing with the CLI is possible or not?
    Thanks

  • Error Compilation MIBs Supported for Cisco UCS C-series software release 1.4(3) and later releases on IBM Director 6.3.2

    Hi,
    I have an IBM director 6.3.2 on a Windows Server 2008R2
    I try to install the MIB for manage Cisco UCS C-460 server.
    I downloaded the mib on the cisco ftp.
    the files extension was my. I cahgne it to .mib. For the moment I success to import some ones.
    But when I try to install Cisco-Unified-Computing-TC-MIB, I have got the error in the join file.
    Ho can I fix this issue...

    Hi,
    I have an IBM director 6.3.2 on a Windows Server 2008R2
    I try to install the MIB for manage Cisco UCS C-460 server.
    I downloaded the mib on the cisco ftp.
    the files extension was my. I cahgne it to .mib. For the moment I success to import some ones.
    But when I try to install Cisco-Unified-Computing-TC-MIB, I have got the error in the join file.
    Ho can I fix this issue...

  • Nokia Lumia support for Cisco WLC

    Dear All,
    I am using Cisco Wireless LAN Controller 4404 in my network, All devices (Laptops, samsung mobile phones, Iphone, HTC, etc) are connecting and working perfectly but NOKIA Lumia mobile phone is unable to connect.
    Is there any hotfix for WLC available? please advise
    Regards,
    Junaid

    Please find below debug details, I started debugging the device by command debug client (client mac) and then tried to connect the device.
    *dot1xMsgTask: Sep 25 12:14:03.096: ec:f3:5b:d3:99:20 dot1x - moving mobile ec:f3:5b:d3:99:20 into Connecting state
    *dot1xMsgTask: Sep 25 12:14:03.097: ec:f3:5b:d3:99:20 Sending EAP-Request/Identity to mobile ec:f3:5b:d3:99:20 (EAP Id 1)
    *Dot1x_NW_MsgTask_0: Sep 25 12:14:03.148: ec:f3:5b:d3:99:20 Received EAPOL START from mobile ec:f3:5b:d3:99:20
    *Dot1x_NW_MsgTask_0: Sep 25 12:14:03.148: ec:f3:5b:d3:99:20 dot1x - moving mobile ec:f3:5b:d3:99:20 into Connecting state
    *Dot1x_NW_MsgTask_0: Sep 25 12:16:05.035: apfGetRsnIE: Processing WPA/RSN IE type 48, length 56 processed only 38 bytes
    *Dot1x_NW_MsgTask_0: Sep 25 12:16:05.076: apfGetRsnIE: Processing WPA/RSN IE type 48, length 56 processed only 38 bytes
    *Dot1x_NW_MsgTask_0: Sep 25 12:16:05.076: apfGetRsnIE: Processing WPA/RSN IE type 48, length 56 processed only 38 bytes
    *Dot1x_NW_MsgTask_0: Sep 25 12:16:05.076: apfGetRsnIE: Processing WPA/RSN IE type 48, length 56 processed only 38 bytes
    *Dot1x_NW_MsgTask_0: Sep 25 12:16:05.112: apfGetRsnIE: Processing WPA/RSN IE type 48, length 56 processed only 38 bytes
    And on cell phone it shows the following message:
    connection unsuccessful,
    the credentials provided by the server couldn't be validated,
    I tried to connect it without any encryption and it got connected successfully, issue only on wpa2-Enterprise.
    Please advise,,,
    Regards,
    Junaid

  • Cisco Aironet Conversion Tool Version 2.1 for Cisco IOS Software

    I am trying to convert a LWAP to Cisco IOS and the tool wants to know the Admin Name*? This is a factory radio sent to me as LWAP. I cannot seem to find out what the Admin Name is, I have tried Admin and Cisco not sure what else to try.

    Hi Brian,
    That tool is used for the IOS to LWAPP upgrade only. The AP can be converted back to Autonomous (IOS) using the following method;
    Reverting the Access Point Back to Autonomous Mode
    http://www.cisco.com/en/US/products/hw/wireless/ps430/prod_technical_reference09186a00804fc3dc.html#wp161272
    You can convert an access point from lightweight mode back to autonomous mode by loading a Cisco IOS Release that supports autonomous mode (Cisco IOS release 12.3(7)JA or earlier). If the access point is associated to a controller, you can use the controller to load the Cisco IOS release. If the access point is not associated to a controller, you can load the Cisco IOS release using TFTP.
    Using a TFTP Server to Return to a Previous Release
    Follow these steps to revert from LWAPP mode to autonomous mode by loading a Cisco IOS release using a TFTP server:
    Step 1 The static IP address of the PC on which your TFTP server software runs should be between 10.0.0.2 and 10.0.0.30.
    Step 2 Make sure that the PC contains the access point image file (such as c1200-k9w7-tar.122-15.JA.tar for a 1200 series access point) in the TFTP server folder and that the TFTP server is activated.
    Step 3 Rename the access point image file in the TFTP server folder to c1200-k9w7-tar.default for a 1200 series access point, c1130-k9w7-tar.default for an 1130 series access point, and c1240-k9w7-tar.default for a 1240 series access point.
    Step 4 Connect the PC to the access point using a Category 5 (CAT5) Ethernet cable.
    Step 5 Disconnect power from the access point.
    Step 6 Press and hold MODE while you reconnect power to the access point.
    Step 7 Hold the MODE button until the status LED turns red (approximately 20 to 30 seconds) and then release.
    Step 8 Wait until the access point reboots, as indicated by all LEDs turning green followed by the Status LED blinking green.
    Step 9 After the access point reboots, reconfigure it using the GUI or the CLI.
    From this doc;
    http://www.cisco.com/en/US/products/hw/wireless/ps430/prod_technical_reference09186a00804fc3dc.html#wp161272
    Hope this helps!
    Rob

  • Cisco Prime Infrastructure 2.1 can't add Cisco ISE 1.2 to "External Management Servers"

    Hi all,
    I'm trying to add Ciso ISE 1.2 (1.2.0.899 with version 13 patch) servers (primary and secondary) as "External Management Servers" in Cisco PI 2.1 (2.1.0.0.87) but there appears such message indicating that ISE server is not reachable: 
    The weird thing is that ISE servers are reachable from PI and vice-versa (I can ping each other from their CLIs)
    There were added ISE servers to PI long ago (primary and secondary ISE) and then secondary was deleted from PI. Primary ISE still persists in PI but its status is unreachable:
    But I can see info about wired clients authenticating on the switchs (NADs for ISE) - weird, status is unreachable but client info is being received from ISE.
    I tried application stop NCS/application start NCS on PI and application stop ise/application start ise on ISE - no success for that issue.
    So I can't find a way to solve that weird issue, maybe you can help me find out the cause of such things. Thanks. 

    Hi,
    -- Please Go to Administration > Logging > set the Message level to TRACE > Click save
    -- Then try to add the ISE.
    -- Once it fails, collect the logs from Administration > Logging > 
    check the "ncs-0-0.log"  & search the file for "ERROR" & paste the results here. This will give us exact reason.
    - Ashok
    Please rate the post or mark as correct answer as it will help others looking for similar information

  • Is cisco prime infrastructure support / can be run as syslog server?

    Dear All,
    is cisco prime infrastructure support / can be run as syslog server?
    and,
    where i can see network topology diagram, using cisco prime infrastructure?
    many thanks,
    Jerri

    Hello. Cisco Prime LMS will be replaced by Cisco Prime Infrastructure in the near future.
    In the current release of Cisco Prime Infrastructure you can't use topology diagrams. This feature is in roadmap.
    About syslog, you can send syslogs to Cisco Prime Infrastructure, but I don't recommend using it as syslog server. Please see this link for more information https://supportforums.cisco.com/thread/2179520
    Please rate if this helps

Maybe you are looking for

  • Need to change the segment data in Inbound ORDERS05 IDOC

    Hi: I need to change sales area coming in E1EDK14 segment. I need to determine SAP sales area stored in TVARV table and pass it to the E1EDK14 segment. I am using exit EXIT_SAPLVEDA_002. In this I am looping DIDOC_DATA and checking if segment is E1ED

  • Actionscript 3 and PHP

    I'm trying to learn how to communicate between PHP and Flash and have run into a problem.  The PHP file loads albums and artists from a database.  I can get the PHP file to load okay, but I cannot access a certain variable from the PHP file.  Here is

  • Add new Item to Drag and Relate Menu

    Hi Dear; 1- how can i add a new item to drag and relate menu? 2- how can i link it to an sql statement? exp: user table (OUSR) best regards;

  • Idoc Failure due to APO substitute part number

    Hi Scenario: Intercompany p.o for a part. Plant in newzeland buy from Singapore. In Sales Order and Delivery system proposes a substitute part number against P.O So when delivery is created the idoc failed due to the discrepancy of P.O and S.O partnu

  • SQL Server Maintenance Plan does not run DEL command in .BAT

    Hello, I have a T-SQL Statement task in my Maintenance Plan that runs a .BAT file and it runs OK when manually executed.  The .BAT file has a del d:\backups\*.* command in it. However, when the plan runs automatically at a scheduled time, the .BAT fi