cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

1314
Views
0
Helpful
4
Replies
Cisco Employee

Fortinet Integration with ISE/User IP Mapping

Do we support Fortinets Integration with ISE in reference to gathering User to IP Mapping via the ISE syslog?

Thanks, Kevin

4 REPLIES 4
Cisco Employee

Re: Fortinet Integration with ISE/User IP Mapping

I am not aware of official support but there are few syslog messages from ISE that contains user/ip info; Passed authentications or RADIUS accounting.

Cisco Employee

Re: Fortinet Integration with ISE/User IP Mapping

I am trying to determine whether this could be done because there is a potential ISE opportunity here that would involve over 30k device licenses.   If you are unaware, it leads me to believe that the integration may be possible but you may just not be aware of it.   Is this the case?

Highlighted
Contributor

Re: Fortinet Integration with ISE/User IP Mapping

I've had some experience setting up wireless authentication as well as VPN authentication on some smaller Fortinet gateways running FortiOS 5.4 and 5.6. Most of the ecosystem within the Fortinet product line is self contained and only recently have I seen the a beginnings of some configuration options that would allow some more robust authentication options. What you are describing is a prime example of context sharing which is the essence of the pxGrid persona of ISE. Unfortunately I don't see Fortinet on the list of vendors that support integrations.

What do you envision this integration would look like? What data are you looking to consume and how would you use that data? I think Fortinet opening themselves up to 3rd party integrations would be very beneficial to their customer base, personally I'd like to see this first in their wireless implementations and the ability to leverage 3rd party portal redirects/acls and expanded RADIUS VSAs.

Cisco Employee

Re: Fortinet Integration with ISE/User IP Mapping

Hi Kevin,

The discussion needs to move to the PM team.

- Krish