https://community.cisco.com/t5/network-access-control/using-ise-to-authenticate-a-juniper-switch/m-p/5279420#M595884 <P>You can update that, just make sure to create the NAD in ISE using the Juniper profile. We have some older Juniper switches/routes that are using ISE as TACACS. I have attached the Juniper dictionary if you don't have that and the network device profile you will need to import if you also don't have that.</P> Tue, 08 Apr 2025 17:17:03 GMT Scott Fella 2025-04-08T17:17:03Z https://community.cisco.com/t5/network-access-control/using-ise-to-authenticate-a-juniper-switch/m-p/5279337#M595881 <P>Community,</P><P>We have a Juniper Core switch model&nbsp;qfx5100-48s-6q in our environment.&nbsp; All of our other switches are Cisco.&nbsp; We are currently rolling out ISE to use for TACACS+ authentication.&nbsp; Currently the Juniper is configured in Aruba Clearpass which we are replacing with the Cisco ISE.&nbsp; I am trying to determine if i can create a Juniper Device in ISE under Network Devices, and have it authenticate to ISE vs. Clearpass.&nbsp; Does anyone else have experience authenticating Juniper devices within Cisco ISE?&nbsp;&nbsp;</P><P>To me it looks like i could simply modify the commands already configured on the Juniper that allow it to talk to Aruba Clearpass, which are:&nbsp;</P><P>set system tacplus-server 192.168.1.163 port 49</P><P>set system tacplus-server 192.168.1.163 secret "XXXXXXXXXXXXXXXXXXX"</P><P>set system tacplus-server 192.168.1.163 single-connection</P><P>set system tacplus-server 192.168.1.163 source-address 10.1.0.3</P><P>&nbsp;</P><P>Thank you,</P><P>KMNRUser</P> Tue, 08 Apr 2025 13:36:01 GMT https://community.cisco.com/t5/network-access-control/using-ise-to-authenticate-a-juniper-switch/m-p/5279337#M595881 KMNRuser 2025-04-08T13:36:01Z https://community.cisco.com/t5/network-access-control/using-ise-to-authenticate-a-juniper-switch/m-p/5279405#M595882 <P>&nbsp;</P> <P>&nbsp; - FYI :&nbsp;<A href="https://www.juniper.net/documentation/us/en/software/nce/nce-213_ex_and_cisco_ise/topics/topic-map/nce-213-ex-series-switch-cisco-ise.html" target="_blank">https://www.juniper.net/documentation/us/en/software/nce/nce-213_ex_and_cisco_ise/topics/topic-map/nce-213-ex-series-switch-cisco-ise.html</A></P> <P>&nbsp; M.</P> Tue, 08 Apr 2025 16:10:39 GMT https://community.cisco.com/t5/network-access-control/using-ise-to-authenticate-a-juniper-switch/m-p/5279405#M595882 Mark Elsen 2025-04-08T16:10:39Z https://community.cisco.com/t5/network-access-control/using-ise-to-authenticate-a-juniper-switch/m-p/5279420#M595884 <P>You can update that, just make sure to create the NAD in ISE using the Juniper profile. We have some older Juniper switches/routes that are using ISE as TACACS. I have attached the Juniper dictionary if you don't have that and the network device profile you will need to import if you also don't have that.</P> Tue, 08 Apr 2025 17:17:03 GMT https://community.cisco.com/t5/network-access-control/using-ise-to-authenticate-a-juniper-switch/m-p/5279420#M595884 Scott Fella 2025-04-08T17:17:03Z https://community.cisco.com/t5/network-access-control/using-ise-to-authenticate-a-juniper-switch/m-p/5279433#M595885 <P>Hi Scott,</P><P>Thanks for responding.&nbsp; When you have indicated that "you can update that"..what are you referencing that i can update?&nbsp; Thank you!</P><P>KMNRUser</P> Tue, 08 Apr 2025 17:01:39 GMT https://community.cisco.com/t5/network-access-control/using-ise-to-authenticate-a-juniper-switch/m-p/5279433#M595885 KMNRuser 2025-04-08T17:01:39Z https://community.cisco.com/t5/network-access-control/using-ise-to-authenticate-a-juniper-switch/m-p/5279448#M595886 <P>Update your switch/route config to point to ISE.&nbsp;&nbsp;</P> <PRE>set system tacplus-server 192.168.1.163 port 49<BR />set system tacplus-server 192.168.1.163 secret "XXXXXXXXXXXXXXXXXXX"<BR />set system tacplus-server 192.168.1.163 single-connection<BR />set system tacplus-server 192.168.1.163 source-address 10.1.0.3</PRE> <P>&nbsp;Just make sure your "secret" is the same when you add the NAD to ISE.</P> Tue, 08 Apr 2025 17:37:01 GMT https://community.cisco.com/t5/network-access-control/using-ise-to-authenticate-a-juniper-switch/m-p/5279448#M595886 Scott Fella 2025-04-08T17:37:01Z