Cisco Cisco Identity Services Engine 3315 Appliance Troubleshooting Guide
Contents
Introduction
Prerequisites
Requirements
Components Used
Background Information
Tested CA/NDES Deployment Scenarios
Standalone Deployments
Distributed Deployments
Important Microsoft Hotfixes
Important BYOD Ports & Protocols
Configure
Disable SCEP Enrollment Challenge Password Requirement
Restrict SCEP Enrollment to Known ISE Nodes
Extend the URL Length in IIS
Certificate Template Overview
Certificate Template Configuration
Certificate Template Registry Configuration
Configure ISE as a SCEP Proxy
Verify
Troubleshoot
General Troubleshoot Notes
Client-Side Logging
ISE Logging
NDES Logging and Troubleshooting
Related Information
Introduction
This document describes the steps that are used in order to successfully configure the Microsoft
Network Device Enrollment Service (NDES) and Simple Certificate Enrollment Protocol (SCEP) for
Bring Your Own Device (BYOD) on the Cisco Identify Services Engine (ISE).
Network Device Enrollment Service (NDES) and Simple Certificate Enrollment Protocol (SCEP) for
Bring Your Own Device (BYOD) on the Cisco Identify Services Engine (ISE).
Prerequisites
Requirements
Cisco recommends that you have knowledge of these topics:
ISE Release 1.1.1 or later
●
Microsoft Windows Server 2008 R2
●
Microsoft Windows Server 2012 Standard
●
Public Key Infrastructure (PKI) and certificates
●