cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

985
Views
0
Helpful
6
Replies
Highlighted
Contributor

Integrating a Juniper switch with ISE 2.3

Hi Experts,

We are going to start integrating the Juniper MX series switch with ISE in coming week.

The require NAD profile has been imported in ISE and I also have the sample config that is provided for Juniper switches.

I belive that the configuration on Juniper switches is not going to as same and easy as Cisco switches.

I need some pointers and advice as off what I shall be doing right and and what shall be avoided.

6 REPLIES 6
Cisco Employee

Re: Integrating a Juniper switch with ISE 2.3

Hi Dinesh, 

 

I just googled and came across this link - https://www.juniper.net/documentation/en_US/junos/topics/example/802-1x-pnac-ex-series-connecting-server-configuring.html 

This can be a good starting point.

 

Thanks,

Nidhi

Contributor

Re: Integrating a Juniper switch with ISE 2.3

Thanks for the document.

There is one more thing though, as we have a redirect ACL and posture ACL configured on Cisco Switches.

Is there something similar that needs to be followed on Juniper switches?

From what I have heard that, there concept of ACL is pretty much different when it comes to Juniper switches...

 

I am just wondering is there any ISE and Juniper switch integration specific document that could be used as a reference for this deployment?

 

Beginner

Re: Integrating a Juniper switch with ISE 2.3

Hi,

have you able manage the ACL and redirect ACL on Juniper? Just wondering as I am not seeing so much documentation about it.
Contributor

Re: Integrating a Juniper switch with ISE 2.3

We are working on configuring the ACL and there is some progress that we have made. As it turns out that the configuration of ACLs on Juniper is way different than what we do on a Cisco switch.

So currently we are in trial and error mode till we figure out the correct syntax and configuration for it.

Everyone's tags (2)
Cisco Employee

Re: Integrating a Juniper switch with ISE 2.3

I believe they do not support these advanced features that Cisco Switches support. Here is a similar question which contains a statement from juniper (I think) where they have some questions about what they need in order to support these features. 

 

https://community.cisco.com/t5/identity-services-engine-ise/juniper-web-redirection/td-p/3602636 

 

Juniper support forum is the best place to ask this question as they would have to let us know what they expect from the server in order to support these features. ISE simply sends the required attributes that the switches need to redirect/control traffic.

 

Contributor

Re: Integrating a Juniper switch with ISE 2.3

Yes, that would be right place to check. The profile that I had imported in ISE states that there is no URL redirection supported:

Juniper - posture redirect.JPG

Again, using auth VLAN here is no feasible, considering the number of sites that they have with Juniper switches.

What I am thinking of using calling home list for all the endpoints that are there for these specific sites, thus eliminating the need to a redirection.

But then I am still looking for a solution to configure Guest redirection on wired network?

Any ideas how could this be accomplished using this current Juniper profile?

Everyone's tags (3)