Cisco Cisco Identity Services Engine 1.3 Release Notes

CSCtq02332

Windows agent does not display IP refresh during non-compliant posture status

The IP refresh is happening on the client machine as designed, but the Agent 
interface does not display the change appropriately (for example, following a move 
from preposture (non-compliant) to postposture (compliant) status).

There is no known workaround for this issue.

CSCtq02533

The Cisco NAC Agent takes too long to complete IP refresh following VLAN 
change

The Cisco NAC agent is taking longer than normal to refresh IP address due to 
double IP refresh by supplicant and Cisco NAC agent.

Disable the Cisco NAC Agent IP address change function if there is a 

supplicant present capable of doing the same task.

CSCts80116

OPSWAT SDK 3.4.27.1 causes memory leak on some PCs

Client machines that have version 8.2.0 of Avira AntiVir Premium or Personal may 
experience excessive memory usage. 

This has only been observed with version 8.2.0 of Avira AntiVir Premium 
or Personal. Later versions of the application do not have this issue.

Install later version of Avira AntiVir Premium or Personal.

CSCtw50782

Agent hangs awaiting posture report response from server

The issue occurs with Mac OS X 10.7.2 clients.

Kill the CCAAgent Process and then start CCAAgent.app.

Perform the following:

Go to Keychain Access.

Inspect the login Keychain for corrupted certificates, like certificates with the 
name “Unknown” or without any data

Delete any corrupted Certificates

From the pull-down menu, select Preferences and click the Certificates tab

Set OCSP and CRL to off.

CSCty02167

IP refresh fails intermittently for Mac OS 10.7 guest users

This problem stems from the way Mac OS 10.7 handles certificates. Marking the 
certificate as “trusted” in the CWA flow is not good enough to download the java 
applet required to perform the DHCP refresh function. 

The Cisco ISE certificate must be marked as “Always Trust” in the 

Mac OS 10.7 Keychain.