Buy or Renew
Buy or Renew
Cisco DNA Center is now Catalyst Center. New name, same great product. Learn more about Catalyst Center here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
668
Views
5
Helpful
1
Replies

TrustSec - Dynamic IP Pool

Xividar
Level 1
Level 1

‎03-31-2021 04:47 AM

Hi Guys,


I need to dynamically drop a user in to a particular VN / IP Pool, I have created my Authorization Policy within ISE, and under Common Tasks, selected Security Group, and then set my SGT, VN, Type, and IP Pool - when the user logs in, I can see the Profile getting applied, however, it does not seem to update the port on the switch. Using the VLAN / VLAN ID method does appear to work.

I have seen the Security Group method on some slides, so it appears to be supported.

Thanks for help in advanced.

1 Reply 1

jedolphi
Cisco Employee
Cisco Employee

‎04-01-2021 03:00 AM

Hi. It's a wired endpoint I assume? Both methods should work, if they don't you can raise a TAC case or share some more debugging information here. The CLI on Fabric Edge "test aaa group radius <username> <password> new-code" should give some clues. Also if the switch is not too busy with users you could try and connect a new endpoint while "debug radius" is running on the Fabric Edge. Cheers, Jerome

0 Helpful
Customers Also Viewed These Support Documents