10-05-2018 05:07 AM
Hi,
I have several web admin gui, like WLC and DNAC, that I would like to have RADIUS-login to. I am running ISE 2.3.
The problem I am having is to write a Policy Set that will get matched when a web-login-request comes to ISE.
In the RADIUS-log I can see that the attempts has these two attributes:
Authentication Method | PAP_ASCII |
Authentication Protocol | PAP_ASCII |
I do not see NAS Port type or any other attribute that is different from other RADIUS packets.
However I am not able to choose Auth Method or Protocol as conditions in the Policy Set. I tried making my own condition in the Library, but that one I can only choose in the Authorization Policy not the Policy Set.
Do you know any way I can do a Policy Set that will match on web-login?
Regards
Philip
Solved! Go to Solution.
10-05-2018 06:04 AM
10-05-2018 05:32 AM
Use device type and build a policy set for each device type. Or are you trying to distinguish between CLI and Web access. I don't usually do that for WLCs.
10-05-2018 05:49 AM
10-05-2018 05:52 AM
10-05-2018 05:58 AM
No you can have RADIUS also. I have done this on earlier versions of ISE.
https://rscciew.wordpress.com/tag/wireless-lan-controller/
10-05-2018 06:00 AM
10-05-2018 06:04 AM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: