Cisco Cisco Identity Services Engine 1.3 Release Notes
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
72
Release Notes for Cisco Identity Services Engine, Release 1.3
Cisco ISE, Release 1.3, Open Caveats
CSCtq02332
Windows agent does not display IP refresh during non-compliant posture status
The IP refresh is happening on the client machine as designed, but the Agent
interface does not display the change appropriately (for example, following a move
from preposture (non-compliant) to postposture (compliant) status).
interface does not display the change appropriately (for example, following a move
from preposture (non-compliant) to postposture (compliant) status).
Workaround
There is no known workaround for this issue.
CSCtq02533
The Cisco NAC Agent takes too long to complete IP refresh following VLAN
change
change
The Cisco NAC agent is taking longer than normal to refresh IP address due to
double IP refresh by supplicant and Cisco NAC agent.
double IP refresh by supplicant and Cisco NAC agent.
Workaround
Disable the Cisco NAC Agent IP address change function if there is a
supplicant present capable of doing the same task.
CSCts80116
OPSWAT SDK 3.4.27.1 causes memory leak on some PCs
Client machines that have version 8.2.0 of Avira AntiVir Premium or Personal may
experience excessive memory usage.
experience excessive memory usage.
Note
This has only been observed with version 8.2.0 of Avira AntiVir Premium
or Personal. Later versions of the application do not have this issue.
or Personal. Later versions of the application do not have this issue.
Workaround
Install later version of Avira AntiVir Premium or Personal.
CSCtw50782
Agent hangs awaiting posture report response from server
Workaround
The issue occurs with Mac OS X 10.7.2 clients.
Kill the CCAAgent Process and then start CCAAgent.app.
Perform the following:
1.
Go to Keychain Access.
2.
Inspect the login Keychain for corrupted certificates, like certificates with the
name “Unknown” or without any data
name “Unknown” or without any data
3.
Delete any corrupted Certificates
4.
From the pull-down menu, select Preferences and click the Certificates tab
5.
Set OCSP and CRL to off.
CSCty02167
IP refresh fails intermittently for Mac OS 10.7 guest users
This problem stems from the way Mac OS 10.7 handles certificates. Marking the
certificate as “trusted” in the CWA flow is not good enough to download the java
applet required to perform the DHCP refresh function.
certificate as “trusted” in the CWA flow is not good enough to download the java
applet required to perform the DHCP refresh function.
Workaround
The Cisco ISE certificate must be marked as “Always Trust” in the
Mac OS 10.7 Keychain.
Table 17
Cisco ISE, Release 1.3, Open Agent Caveats (continued)
Caveat
Description