We changed a domain name of the ISE appliance and it started giving us grief. It was configured to redirect wireless users to the web registration and authentication portal. We properly added all required A records in DNS server and looked everywhere but didn't find anything that could give any clue.
Perhaps the old FQDN get stuck somewhere in the database.
Step 2 From the External Identity Sources navigation pane on the left, click Active Directory.
Step 3 Enter the domain name in the Domain Name text box.
Step 4 Enter a friendly name in the Identity Store Name text box for your Active Directory identity source (by default, this value will be AD1).
Step 5 Clicks Save Configuration.
Step 6 To verify if your Cisco ISE node can be connected to the Active Directory domain, click Test Connection. A dialog box appears and prompts you to enter the Active Directory username and password.
Step 7 Enter the Active Directory username and password and click OK.
A dialog box appears with the status of the test connection operation.
Step 8 Click OK.
Step 9 Click Join to join the Cisco ISE node to the Active Directory domain.
The Join Domain dialog box appears.
Step 10 Enter your Active Directory username and password, and click OK.
Step 11 Check the Enable Password Change check box to allow the user to change their password.
Step 12 Check the Enable Machine Authentication check box to allow machine authentication.
Step 13 Check the Enable Machine Access Restrictions (MARs) check box to ensure that the machine authentication results are tied to the user authentication and authorization results. If you check this check box, you must enter the Aging Time in hours.
Step 14 Enter the Aging Time in hours if you have enabled MARs.
This value specifies the expiration time for machine authentication. If the time expires, the user authentication fails. For example, if you have enabled MARs and enter a value of 2 hours, the user authentication fails if the user tries to authenticate after 2 hours.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :