Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
483
Views
0
Helpful
1
Replies

ISE Remediation Zone Proviosing on Wireless

Go to solution
Muhammad Hamid Ashraf
Level 1
Level 1

‎05-31-2018 01:38 AM

Dear All,

I am new to ISE and we are deploying ISE 2.3 in our environment. We have an employee SSID on which we are trying to do posturing.I have following queries:

1. If a client is not compliant  then is it possible to put that client in a remediation zone/quarantine zone where he will first remediate by updating critical updates from SCCM and some other policies. Will that client have a separate subnet in remediation zone? How to achieve this?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎05-31-2018 02:56 PM

Yes this is possible by returning in an authorization profile the name (preferred) or number of another VLAN

https://supportforums.cisco.com/t5/aaa-identity-and-nac/ise-authorization-profile/td-p/2025137

Recommendation is to use Scalable group tags and segmentation instead of VLAN changes.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎05-31-2018 02:56 PM

Yes this is possible by returning in an authorization profile the name (preferred) or number of another VLAN

https://supportforums.cisco.com/t5/aaa-identity-and-nac/ise-authorization-profile/td-p/2025137

Recommendation is to use Scalable group tags and segmentation instead of VLAN changes.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents