topic Re: Wired client authentication | Radius server or ISE? in Software-Defined Access (SD-Access) https://community.cisco.com/t5/software-defined-access-sd-access/wired-client-authentication-radius-server-or-ise/m-p/4114229#M720 <P>Yes, it's a poor question if asked that way since both are technically correct. ISE is of course a radius server, and you can leverage a third party radius server + ISE for SDA. If they had used creative wording then maybe they were trying to trick you, you can't run SDA with only a third party radius server, you still need ISE. <BR /><BR />ex. <A href="https://community.cisco.com/t5/networking-documents/how-to-use-group-based-policies-with-3rd-party-radius-using/ta-p/3930041" target="_blank" rel="noopener">https://community.cisco.com/t5/networking-documents/how-to-use-group-based-policies-with-3rd-party-radius-using/ta-p/3930041</A></P> Mon, 06 Jul 2020 21:26:40 GMT Damien Miller 2020-07-06T21:26:40Z Wired client authentication | Radius server or ISE? https://community.cisco.com/t5/software-defined-access-sd-access/wired-client-authentication-radius-server-or-ise/m-p/4114120#M719 <P>I recently ran across a practice test question that went along the lines of:</P><P>&nbsp;</P><P>"When a wired client connects to an edge node in an SDA fabric, what decides if the client has access to the network?"</P><P>&nbsp;</P><P>The choices included ISE and a radius server. Wouldn't they both be correct answers?</P><P><BR />Any input is appreciated.&nbsp;</P> Mon, 06 Jul 2020 18:43:23 GMT https://community.cisco.com/t5/software-defined-access-sd-access/wired-client-authentication-radius-server-or-ise/m-p/4114120#M719 UncleJP 2020-07-06T18:43:23Z Re: Wired client authentication | Radius server or ISE? https://community.cisco.com/t5/software-defined-access-sd-access/wired-client-authentication-radius-server-or-ise/m-p/4114229#M720 <P>Yes, it's a poor question if asked that way since both are technically correct. ISE is of course a radius server, and you can leverage a third party radius server + ISE for SDA. If they had used creative wording then maybe they were trying to trick you, you can't run SDA with only a third party radius server, you still need ISE. <BR /><BR />ex. <A href="https://community.cisco.com/t5/networking-documents/how-to-use-group-based-policies-with-3rd-party-radius-using/ta-p/3930041" target="_blank" rel="noopener">https://community.cisco.com/t5/networking-documents/how-to-use-group-based-policies-with-3rd-party-radius-using/ta-p/3930041</A></P> Mon, 06 Jul 2020 21:26:40 GMT https://community.cisco.com/t5/software-defined-access-sd-access/wired-client-authentication-radius-server-or-ise/m-p/4114229#M720 Damien Miller 2020-07-06T21:26:40Z