https://community.cisco.com/t5/network-access-control/ise-machine-authentication/m-p/2545225#M73108 <P>Hi</P><P>i enabled machine authentication for windows machine but i have some MAC OSX laptop that authenticate with MS AD that i need to exclude form MAR , i tried to apply specific auhz policy but every time it fails because of MAR&nbsp; , any idea ? &nbsp;</P> Mon, 11 Mar 2019 05:01:08 GMT eng.malak 2019-03-11T05:01:08Z https://community.cisco.com/t5/network-access-control/ise-machine-authentication/m-p/2545225#M73108 <P>Hi</P><P>i enabled machine authentication for windows machine but i have some MAC OSX laptop that authenticate with MS AD that i need to exclude form MAR , i tried to apply specific auhz policy but every time it fails because of MAR&nbsp; , any idea ? &nbsp;</P> Mon, 11 Mar 2019 05:01:08 GMT https://community.cisco.com/t5/network-access-control/ise-machine-authentication/m-p/2545225#M73108 eng.malak 2019-03-11T05:01:08Z https://community.cisco.com/t5/network-access-control/ise-machine-authentication/m-p/2545226#M73113 <P>One way you could do this is to utilize profiling. You can then create a policy that authorizes MACs without forcing them to go against the MAR check.</P><P>On the other hand, if your MACs are joined to your domain then you can eliminate MAR and simply perform PEAP (machine) based authentication for both your MACs and Windows machines.&nbsp;</P><P>You could also create a special rule for MACs that authenticate via PEAP (User) based authentication</P><P>Hope this helps!</P><P>&nbsp;</P><P><EM>Thank you for rating helpful posts!&nbsp;</EM></P> Wed, 17 Sep 2014 00:44:06 GMT https://community.cisco.com/t5/network-access-control/ise-machine-authentication/m-p/2545226#M73113 nspasov 2014-09-17T00:44:06Z