https://community.cisco.com/t5/network-access-control/radius-authentication-with-ise-and-nexus-7k/m-p/2181010#M137838 <P>Hi</P><P></P><P>i am trying to assign a right role for a user who authenticates to nexus 7k switch via radius. i am using cisco ISE version 1.1.1.268 and the nexus version is&nbsp;&nbsp;&nbsp; 5.0.2</P><P></P><P>I have created a role on nexus </P><P></P><P>role name network-XXX</P><P>&nbsp; rule 2 permit read</P><P>&nbsp; rule 1 permit command show running-config</P><P></P><P>on the ise , i have created an authorization profile :</P><P></P><P>Cisco:cisco-av-pair= shell:roles*"network-XXX"</P><P></P><P>on the ise authentication result , i can see that the "network-XXX" is passed on to Nexus, but the switch fails to understand it and doesnt allow me to issue the command show running-config.</P><P></P><P>i have tried various iterations on ISE attribute. i.e </P><P>shell:roles*"network-operator network-XXX"</P><P>shell:roles=network-XXX</P><P>shell:roles*"network-XXX vdc-admin"</P><P></P><P>none of them seem to work.</P><P></P><P>Any one with any ideas?</P> Mon, 11 Mar 2019 03:14:05 GMT Manish Patel 2019-03-11T03:14:05Z https://community.cisco.com/t5/network-access-control/radius-authentication-with-ise-and-nexus-7k/m-p/2181010#M137838 <P>Hi</P><P></P><P>i am trying to assign a right role for a user who authenticates to nexus 7k switch via radius. i am using cisco ISE version 1.1.1.268 and the nexus version is&nbsp;&nbsp;&nbsp; 5.0.2</P><P></P><P>I have created a role on nexus </P><P></P><P>role name network-XXX</P><P>&nbsp; rule 2 permit read</P><P>&nbsp; rule 1 permit command show running-config</P><P></P><P>on the ise , i have created an authorization profile :</P><P></P><P>Cisco:cisco-av-pair= shell:roles*"network-XXX"</P><P></P><P>on the ise authentication result , i can see that the "network-XXX" is passed on to Nexus, but the switch fails to understand it and doesnt allow me to issue the command show running-config.</P><P></P><P>i have tried various iterations on ISE attribute. i.e </P><P>shell:roles*"network-operator network-XXX"</P><P>shell:roles=network-XXX</P><P>shell:roles*"network-XXX vdc-admin"</P><P></P><P>none of them seem to work.</P><P></P><P>Any one with any ideas?</P> Mon, 11 Mar 2019 03:14:05 GMT https://community.cisco.com/t5/network-access-control/radius-authentication-with-ise-and-nexus-7k/m-p/2181010#M137838 Manish Patel 2019-03-11T03:14:05Z https://community.cisco.com/t5/network-access-control/radius-authentication-with-ise-and-nexus-7k/m-p/2181011#M137872 <HTML><HEAD></HEAD><BODY><P>Hello Manish,</P><P></P><P></P><P>The switch that you hev deployed i.e Nexus 7k series, does not support the features of ISE 1.1.1. For your reference please go through the link below:-</P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/ise/1.1/compatibility/ise_sdt.html">http://www.cisco.com/en/US/docs/security/ise/1.1/compatibility/ise_sdt.html</A></P></BODY></HTML> Sat, 06 Apr 2013 02:53:47 GMT https://community.cisco.com/t5/network-access-control/radius-authentication-with-ise-and-nexus-7k/m-p/2181011#M137872 harvisin 2013-04-06T02:53:47Z https://community.cisco.com/t5/network-access-control/radius-authentication-with-ise-and-nexus-7k/m-p/2181012#M137909 <P>Hello Harvisin,</P> <P>Do Nexus support radius authentication with ISE 1.3??. All the access switches we have integrated for</P> <P>for AAA/Radius authentication with ISE.</P> <P>http://www.cisco.com/c/en/us/td/docs/security/ise/1-3/compatibility/ise_sdt.html</P> <P>Nexus are not reflecting in the above ISE 1.3 compatibility matrix chart.</P> <P>Regards,<BR />Deepu</P> Wed, 13 Apr 2016 08:29:54 GMT https://community.cisco.com/t5/network-access-control/radius-authentication-with-ise-and-nexus-7k/m-p/2181012#M137909 deepuvarghese1 2016-04-13T08:29:54Z