cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

132
Views
0
Helpful
4
Replies
Beginner

CAN Use CiscoI ISE to manage Microtik router Logins and Permissions by Group

Dear all

Can we Use Cisco ISE to manage Logins and Permissions by Group.

we have cisco ise 2.4 used for tacacs So in the future we need implement authentication with microtik.

Thanks

2 ACCEPTED SOLUTIONS

Accepted Solutions
Participant

Re: CAN Use CiscoI ISE to manage Logins and Permissions by Group

Absolutely!  You could use different groups within ISE if you are creating the accounts within ISE.  Or you could use Active Directory or LDAP groups as well.

View solution in original post

VIP Advocate

Re: CAN Use CiscoI ISE to manage Microtik router Logins and Permissions by Group

I did some digging, Microtik has no support TACACS, but it does support RADIUS for device admin functions.

There is a guide on the Microtik website that explains the configuration of AAA for their product. It says ACS, but ISE replaced the ACS functionality so it will work the same way.

https://wiki.mikrotik.com/wiki/Use_Cisco_ACS_to_manage_Logins_and_Permissions_by_Group

View solution in original post

4 REPLIES 4
Participant

Re: CAN Use CiscoI ISE to manage Logins and Permissions by Group

Absolutely!  You could use different groups within ISE if you are creating the accounts within ISE.  Or you could use Active Directory or LDAP groups as well.

View solution in original post

Cisco Employee

Re: CAN Use CiscoI ISE to manage Microtik router Logins and Permissions by Group

Please elaborate your requirement in detail. In general, yes, ISE can manage logins and permissions based on groups.
Highlighted
Beginner

Re: CAN Use CiscoI ISE to manage Microtik router Logins and Permissions by Group

Thank you

in my network i have Cisco ISE Appliance install HQ 2 node and use function TACACS+ for control permission for access to router CE PE for Admin manage or change configuration on router.  So in the future we will buy Microtik router for support customer and install on branch  and i need to control permission for manage or change configuration of microtik by Cisco ISE like same fuction TACACS+ for control router Cisco in existing.

VIP Advocate

Re: CAN Use CiscoI ISE to manage Microtik router Logins and Permissions by Group

I did some digging, Microtik has no support TACACS, but it does support RADIUS for device admin functions.

There is a guide on the Microtik website that explains the configuration of AAA for their product. It says ACS, but ISE replaced the ACS functionality so it will work the same way.

https://wiki.mikrotik.com/wiki/Use_Cisco_ACS_to_manage_Logins_and_Permissions_by_Group

View solution in original post