An enterprise uses a separate PSN for each of its four remote sites. Recently, a user reported receiving an "EAP-TLS authentication failed" message when moving between remote sites. Which configuration must be applied on Cisco ISE?
A.
Use a third-party certificate on the network device.
B.
Add the device to all PSN nodes in the deployment.
C.
Configure an authorization profile for the end users.
D.
Renew the expired certificate on one of the PSN.
This question is horrible:
A is wrong because the trust on the ISE servers is the same no matter what PSN you reach
B is wrong because you don't need to add a device to ISE when it authenticates with TLS
C is wrong because if authorization works for other sites then one must assume that it also does for this one as the question doesn't state anything about location
D is also wrong as an expired certificate on an ISE wouldn't give a "authentication failed" error, it would give a "untrusted server" error.
A,B and C makes absolutely no sense, so I guess its D if maybe the wording is off.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
zyxzyx123
6 days, 5 hours agoZoneHacker
5 months, 1 week agoGtekzzz
2 weeks, 3 days ago