IOS 8.x Apple users and CISCO ISE native supplicant provisioning not working

Similar Messages

• IOS 8.0 our apple users and CISCO ISE customized portal [SOLVED]

  Hi there guys ,
  i wondering why after the update to iOS 8.0 our apple users , cannot
  make it to the ISE authentication Portal , we make em connect thru a WLC wich
  is redirecting to ISE ( radius server ) the web-auth process,
  while if we use the internal portal (PIC2) of wlc 5508 the all process going well
  after the update to 8.0 apple IOS , devices can't reach our customized portal
  no more.....
  anybody experienced the same?
  BR
  Eugenio

  Glad you got it working and good job on finding a solution to your problem (+5 from me). Also, thank you for taking the time to come back and share it.
  If your issue is resolved you should mark the thread as "Answered" :)
  One thing to also consider is CWA (Central Web Auth) instead of what you are doing which is LWA (Local Web Auth). It is always better to do CWA as there are many benefits to it. 
  Thank you for rating helpful posts!

• I just updated the software on my Apple TV, and now the closed captioning is not working. Somebody had the same problem? Anybody knows how to fix it?

  I just updated the software on my Apple TV, and now the closed captioning is not working. Somebody had the same problem? Anybody knows how to fix it?

  I just updated the software on my Apple TV, and now the closed captioning is not working. Somebody had the same problem? Anybody knows how to fix it?

• Cisco ISE guest portal redirect not working after successful authentiation and URL redirect.

  Hi to all,
  I am having difficulties with an ISE deployment which I am scratching my head over and can't fathom out why this isn't working.
  I have an ISE 3315 doing a captive webportal for my guest users who are on an SSID.  The users are successfully redirected by the WLC to the following URL:https://x.x.x.x:8443/guestportal/Login.action?portalname=XXX_Guest_Portal
  Now when the user passes through the user authentication splash screen they get redirected to https://x.x.x.x:8443/guestportal/guest/redir.html and recieve the following error:
  Error: Resource not found.
  Resource: /guestportal/
  Does anyone have any ideas why the portal is doing this?
  Thanks
  Paul

  Hello,
  As you are not able to  get the guest portal, then you need to assure the following things:-
  1) Ensure that the  two  Cisco av-pairs that are configured on the  authorization profile should  exactly match the example below. (Note: Do  not replace the "IP" with the  actual Cisco ISE IP address.)
  –url-redirect=https://ip:8443/guestportal/gateway?...lue&action=cpp
  –url-redirect-acl=ACL-WEBAUTH-REDIRECT (ensure that this ACL is also  defined on the access switch)
  2) Ensure that the URL redirection portion of the ACL have been  applied  to the session by entering the show epm session ip   command on the switch. (Where the session IP is the IP address  that is  passed to the client machine by the DHCP server.)
  Admission feature : DOT1X
  AAA Policies : #ACSACL#-IP-Limitedaccess-4cb2976e
  URL Redirect ACL : ACL-WEBAUTH-REDIRECT
  URL Redirect :
  https://node250.cisco.com:8443/guestportal/gateway?sessionId=0A000A72
  0000A45A2444BFC2&action=cpp
  3) Ensure that the preposture assessment DACL that is enforced from  the  Cisco ISE authorization profile contains the following command  lines:
  remark Allow DHCP
  permit udp any eq bootpc any eq bootps
  remark Allow DNS
  permit udp any any eq domain
  remark ping
  permit icmp any any
  permit tcp any host 80.0.80.2 eq 443 --> This is for URL redirect
  permit tcp any host 80.0.80.2 eq www --> Provides access to internet
  permit tcp any host 80.0.80.2 eq 8443 --> This is for guest portal
  port
  permit tcp any host 80.0.80.2 eq 8905 --> This is for posture
  communication between NAC agent and ISE (Swiss ports)
  permit udp any host 80.0.80.2 eq 8905 --> This is for posture
  communication between NAC agent and ISE (Swiss ports)
  permit udp any host 80.0.80.2 eq 8906 --> This is for posture
  communication between NAC agent and ISE (Swiss ports)
  deny ip any any
  Note:- Ensure that the above URL Redirect has the proper Cisco ISE FQDN.
  4) Ensure that the ACL with the name "ACL-WEBAUTH_REDIRECT" exists on  the switch as follows:
  ip access-list extended ACL-WEBAUTH-REDIRECT
  deny ip any host 80.0.80.2
  permit ip any any
  5) Ensure that the http and https servers are running on the switch:
  ip http server
  ip http secure-server
  6) Ensure that, if the client machine employs any kind of personal  firewall, it is disabled.
  7) Ensure that the client machine browser is not configured to use any  proxies.
  8) Verify connectivity between the client machine and the Cisco ISE IP  address.
  9) If Cisco ISE is deployed in a distributed environment, make sure  that  the client machines are aware of the Policy Service ISE node FQDN.
  10) Ensure that the Cisco ISE FQDN is resolved and reachable from the  client machine.
  11) Or you need to do re-image again.

• Cisco Ise Central Web authentication not working

  Hello Guys,
  CWA is not working. It says that authentication suceeded but posture status is pending. No error in my Monitor--authentication. Checking it in my Windows 7, it does not shows the CWA portal.
  What might be the possible problem of this.?
  thanks

  Kindly review the below links:
  http://www.cisco.com/en/US/products/ps11640/products_configuration_example09186a0080ba6514.shtml
  http://www.cisco.com/en/US/products/ps11640/products_configuration_example09186a0080bead09.shtml

• I use Verizon Fios as my ISP.  I am not able to set up verizon yahoo mail on my mini.  I had set it up previously on my apple laptop and my iPad, but it does not work on the iPad mini.  Also this morning it stopped working on the other apple devices.

  I am currently using Verizon Fios as my ISP.  I had my mail set up as verizon yahoo mail.  I was attempting to set up my iPad mini to get my mail under apple mail.  I have that working under my iMac, iPad, and apple notebook.  I have not been able to get it to sync on the iPad mini.  can you tell me the proper settings.

  really your going to want to contact verizon to get the proper setting

• My grandma is a new apple user and she needs help making an apple account.

  my grandma is a new apple user and she needs help making an apple account.

  She should call Apple support or visit the Genius Bar at an Apple store (make an appointment first at http://apple.com/retail). They will walk her through the process.

• I'm a recently transformed "Windows to Apple" user, and I need to run various Windows software.  Before installing Windows, I would like to hear from experiences from users if it works well.

  I'm a recently transformed "Windows to Apple" user, and I need to run various Windows software.  Before installing Windows, I would like to hear from experiences from users if it works well. Also, I have an "Office for PC" that I need to re-download, however I was advised by someone that this software cannot be downloaded even if I had Windows in my MAC and that I will have to buy a new "Office for MAC" software.  Thanks.

  Yes, what you are looking at will work.  
  "Most of this would be for access to the shared folders which is not the same as RDP, correct?  So i could
  have myself connect from school to pull a word document, my friend connect from home to get the excel spreadsheet for our table top gaming, and my family connect to pull pictures from the shared folder on the server all at the same time.  Because they
  are accessing the shared folders it is not a RDP where they are accessing the server itself for administration."
  This statement is correct.  All of them would be able to be accessing the shared folders at the same time.  This is the purpose of shared folders. 
  "the 1 user and RDP part is where I'm getting a little confused i think.
  For the RDP part I thought that only applied to the server itself and not any of the client computers
  connected to the server.  So you are still limited to the 2 users to connect concurrently to the server or a client computer at any time?"
  Sorry, not trying to confuse you.  You mentioned to connect to a local machine at the same time.  If you are staying away from RDP, then you won't have this issue.  I would keep all shared folders on the server,  not on any workstations.
   You are correct 2 people can be RDP into a server at once.  For client computers (workstations) you are limited to 1 person at a time.  If you setup Anywhere Access correctly,  then your friends and family should not need to RDP into a
  client computer, they should only need to access the shared folders.  
  Something to keep in mind...for Anywhere Access to work, you will need to purchase a public certificate.  You can do this from GoDaddy.com, Comodo or others. I would recommend either Godaddy or comodo.  They make it easy and give plenty of instructions
  on how to obtain the certificate.  You will probably also have to purchase a domain name, and a static IP from your ISP.  To fully do what you are looking at, it will take some out of pocket $$. 

• I am a new Apple user and had a visitor, with an iPad, at my house.  I noticed the response time slowed greatly.  I have a Linksys N router and wondered is I need an Apple router to allow the speed to be consistent.

  I am a new Apple user and had a visitor, with an iPad, at my house.  I noticed the response time slowed greatly.  I have a Linksys N router and wondered if I need an Apple router to allow the speed to be consistent.

  I am a new Apple user and had a visitor, with an iPad, at my house.  I noticed the response time slowed greatly.  I have a Linksys N router and wondered if I need an Apple router to allow the speed to be consistent.

• Meraki MDM and Cisco ISE

  Has anyone done an integration of Meraki Systems Manager enterprise MDM and Cisco ISE?   there is absolutely no documentation on the subject except for the Meraki announcement that lists:
  Cisco Identity Services Engine (ISE) integration – allows Systems Manager to directly communicate with ISE for device enrollment and posture assessment

  Hidden in the Meraki blog is this configuration guide for Meraki SM and ISE.
  https://www.dropbox.com/s/4pd2acrni9w9rjr/Meraki%20Wirelessv5.pdf
  Please Rate Helpful posts and mark this question as answered if, in fact, this does answer your question.  Otherwise, feel free to post follow-up questions.
  Charles Moreton

• I am using iPhone 4s with no sim card. My WiFi turned grey and isn't working. I've tried many methods like freezing and Resetting the network settings, still not working. Now what should I do? (iOS 7.1.2)

  I am using iPhone 4s with no sim card. My WiFi turned grey and isn't working. I've tried many methods like freezing and Resetting the network settings, still not working. Now what should I do? (iOS 7.1.2)

  Put in a micro SIM (SIM need not be active) and
  Restore from backup
  Restore as new
  http://support.apple.com/en-us/HT201252

• When I try to sign in with my Apple ID and password, it says I can not sign in.  To check my network connection and try again.

  When I try to sign in with my Apple ID and password, it says I can not sign in. To check my network connection and try again.
  I am connected to my home wifi network. Why can't I sign in??

  Not sure, but iAd Producer probably has nothing to do with this.
  Did you try posting in a forum that discusses iPhone, or FaceTime, or networking?
  I searched and this looks like the best fit : https://discussions.apple.com/community/iphone/using_iphone
  -M

• I bought an IR receiver and an Apple Remote, and I can't get it to work. What am I doing wrong?

  I bought an IR receiver and an Apple Remote, and I can't get it to work. What am I doing wrong? The receiver is a Lenovo eHome OVU430006/01 USB IR Receiver.

  Hello,
  You would need to pair the Apple Remote with the receiver. So I would use the generic Mac/PC receiver and follow these instructions:
  http://support.apple.com/kb/HT1619
  If that doesn't work then check in System Profiler to see if the IR receiver has been recognized by the PowerBook's hardware. You may require the install of drivers for this device to be recognized.
  Best of luck

• I had a repair done on my MacBook Pro and had to have a new hard drive installed. The Apple Auth Repair Shop then updated the OS from 10.6.8 to 10.7.5. Now my iPhoto v 9.2.3 will not open and it sounds like it will not work with this OS. Can you plea

  I had a repair done on my MacBook Pro and had to have a new hard drive installed. The Apple Auth Repair Shop then updated the OS from 10.6.8 to 10.7.5. Now my iPhoto v 9.2.3 will not open and it sounds like it will not work with this OS. Can you please advise?

  You may need many other updates to retain compatibility with Lion. I suggest you reinstall Snow Leopard. Unfortunately, you will need to erase the drive first. Be sure to backup your data if you haven't done so already.
  Clean Install of Snow Leopard
  Be sure to make a backup first because the following procedure will erase
  the drive and everything on it.
       1. Boot the computer using the Snow Leopard Installer Disc or the Disc 1 that came
           with your computer.  Insert the disc into the optical drive and restart the computer.
           After the chime press and hold down the  "C" key.  Release the key when you see
           a small spinning gear appear below the dark gray Apple logo.
       2. After the installer loads select your language and click on the Continue
           button. When the menu bar appears select Disk Utility from the Utilities menu.
           After DU loads select the hard drive entry from the left side list (mfgr.'s ID and drive
           size.)  Click on the Partition tab in the DU main window.  Set the number of
           partitions to one (1) from the Partitions drop down menu, click on Options button
           and select GUID, click on OK, then set the format type to MacOS Extended
           (Journaled, if supported), then click on the Apply button.
       3. When the formatting has completed quit DU and return to the installer.  Proceed
           with the OS X installation and follow the directions included with the installer.
       4. When the installation has completed your computer will Restart into the Setup
           Assistant. After you finish Setup Assistant will complete the installation after which
           you will be running a fresh install of OS X.  You can now begin the update process
           by opening Software Update and installing all recommended updates to bring your
           installation current.
  Download and install Mac OS X 10.6.8 Update Combo v1.1.

• I backed up my iphone 4 and did an upgrade and changed my Apple ID and password but my phone has not recognised the new ID to upgrade my apps via the iphone.

  I backed up my iphone 4 and did an upgrade and changed my Apple ID and password but my phone has not recognised the new ID to upgrade my apps via the iphone.  How do I get rid of the old Apple ID when it comes to upgrading apps.
  I have been into setting>store and signed out and signed back in and it still asks for old ID and password.

  Everything you've had up to now has been tied to your old Apple ID. You cannot switch it over to a new Apple ID. You should contact iTunes support to help you with this:
  Apple Store Customer Service at 1-800-676-2775 or visit online Help for more information.
  To contact product and tech support visit online support site.
  For Mac App Store: Mac App Store Customer Service.
  For iTunes: Apple Support for iTunes - Contact Us