Endpoint is dynamically profiled by Cisco ISE and assigned dynamically or statically to an endpoint identity group. Cisco ISE authorization rules do not use this endpoint identity group.
End result: As of Cisco ISE 1.0, one license from Base package is used up and one license from Advanced package is used up. By Cisco ISE 1.1 scenario this scenario will be fixed to use up only one license from Base package. Because profiled identity group is not used in the Authorization Policy, no Advanced license is consumed.
Last time I heard, v1.1 is due in first week of December, I would like to know if that is true.
The Cisco ISE, Release 1.0.4 implements a change that Cisco ISE cannot consume advanced licenses when endpoints are statically assigned to a profile. The number of endpoints that are dynamically profiled can only be compared against the limit of the advanced licenses. The endpoints that are statically assigned to a profile are now excluded from utilizing licenses included in the advanced license package, but they are still compared against the limit of base licenses. Earlier in the Cisco ISE, Release 1.0, it compares the total number of concurrent endpoints across the entire deployment against the limit of the advanced licenses.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...