Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
454
Views
0
Helpful
1
Replies

Cisco ISE restricted wireless SSID access to specific domain

Mohamed Kabeer S
Level 1
Level 1

‎09-18-2019 11:08 PM

Dear All,

 

Good day,

 

I am very new cisco ISE. In my company we are using cisco 5508 wireless controller and cisco ISE. We have lot of domian and I can see lot of SSID. Now we implemented for some SSID with 802.1x authentication and I want to implement to one of the SSID with 802.1x authentication and I want to restrict that SSID should be used by specific domian and other domain users will restrict.

 

ISE version 2.2

Kindly advise how we can do.

 

Regards,

Kabeer

 

0 Helpful
1 Reply 1

Arne Bier
VIP
VIP

‎09-19-2019 02:13 AM

Hi @Mohamed Kabeer S 

 

If you have have the ability to join the specific AD domain and make that a unique Join Point in ISE, then you can refer to that Join Point in your Authentication Policy.  That means, create a new Policy Set and make the top-level condition to include (Wireless_802.1X AND Normalised_RADIUS Contains <SSID_name>) and then use the AD Join Point in that Policy Set's Authentication Policy.  Do whatever else you need to in your Authorization Policy (e.g. checking AD Security Groups or whatever else).

 

0 Helpful
Customers Also Viewed These Support Documents