https://community.cisco.com/t5/network-security/ise-1-4-device-administration-how-doing-authorization-based-on/m-p/3550218#M277 <HTML><HEAD></HEAD><BODY><P>I believe you're asking for how to do network device administration via the TACACS+ protocol.</P><P>TACACS+ is supported in ISE 2.0 and later: <A href="https://community.cisco.com/docs/DOC-66500">ISE 2.0 Release</A></P><P></P><P>We have many ISE How-To Guides available that tell you how to do it in the regular <A _jive_internal="true" href="https://community.cisco.com/community/technology/security/pa/ise">ISE Community</A> on the <A href="https://community.cisco.com/docs/DOC-64012">ISE Design &amp;amp; Integration Guides</A> page under <A _jive_internal="true" href="https://community.cisco.com/docs/DOC-64012#jive_content_id_Device_Administration_TACACS">Device Administration (TACACS+)</A> </P></BODY></HTML> Mon, 24 Oct 2016 13:12:33 GMT thomas 2016-10-24T13:12:33Z https://community.cisco.com/t5/network-security/ise-1-4-device-administration-how-doing-authorization-based-on/m-p/3550217#M276 <HTML><HEAD></HEAD><BODY><P>Hi All</P><P></P><P>I am using ISE 1.4 for device administration authentication &amp; authorization. So know when network administrator want to connect to switch and router for administration, they are authenticate and authorize by ISE Radius.</P><P></P><P>My question is how to given authorization based on IP address of network administrator machine. Specify in authorization IP address allow to connect to device for administration. I don' know how or where specify it. Someone can help me please ?</P><P></P><P></P><P>Thanks in advance.</P></BODY></HTML> Sun, 23 Oct 2016 15:10:07 GMT https://community.cisco.com/t5/network-security/ise-1-4-device-administration-how-doing-authorization-based-on/m-p/3550217#M276 josedunet 2016-10-23T15:10:07Z https://community.cisco.com/t5/network-security/ise-1-4-device-administration-how-doing-authorization-based-on/m-p/3550218#M277 <HTML><HEAD></HEAD><BODY><P>I believe you're asking for how to do network device administration via the TACACS+ protocol.</P><P>TACACS+ is supported in ISE 2.0 and later: <A href="https://community.cisco.com/docs/DOC-66500">ISE 2.0 Release</A></P><P></P><P>We have many ISE How-To Guides available that tell you how to do it in the regular <A _jive_internal="true" href="https://community.cisco.com/community/technology/security/pa/ise">ISE Community</A> on the <A href="https://community.cisco.com/docs/DOC-64012">ISE Design &amp;amp; Integration Guides</A> page under <A _jive_internal="true" href="https://community.cisco.com/docs/DOC-64012#jive_content_id_Device_Administration_TACACS">Device Administration (TACACS+)</A> </P></BODY></HTML> Mon, 24 Oct 2016 13:12:33 GMT https://community.cisco.com/t5/network-security/ise-1-4-device-administration-how-doing-authorization-based-on/m-p/3550218#M277 thomas 2016-10-24T13:12:33Z https://community.cisco.com/t5/network-security/ise-1-4-device-administration-how-doing-authorization-based-on/m-p/3550219#M278 <HTML><HEAD></HEAD><BODY><P>Hello,</P><P></P><P>You can create an ACL on your NAD and add this ACL in the line vty configuration section.</P></BODY></HTML> Tue, 22 Nov 2016 23:59:08 GMT https://community.cisco.com/t5/network-security/ise-1-4-device-administration-how-doing-authorization-based-on/m-p/3550219#M278 ssambourg 2016-11-22T23:59:08Z