2.2 to 2.4 Authentication Policy

latenaite2011 · ‎06-05-2018

Does anyone know how to create the authentication policy in 2.4 of the equivalent authentication policy of 2.2 attached?

I am having problem trying to have both the allowed protocols of HOST_LOOKUP (or any protocol that is selected) and "internal endpoints" using the same rule and you will see there there is also a default keyword under MAB so I am confused.

This MAB authentication policy is under the machine authentication policy LM_WIRED...

When you review the details of the log, you will see the authentication policy as

LM WIRED ---> MAB --->> Default -->

Arne Bier · ‎06-05-2018

Does this work for you?

I used the built-in smart condition called Wired_MAB because it's useful and adapts dynamically to other vendor implementations - see below

And then the rest of the Policy Set would look like this (not sure whether you want to tell ISE to Continue if User not found? And also, what is your Authorization Policy ? I just made something up that will send Access-Accept if Authentication passed)

Arne Bier · ‎06-17-2018

Does this work for you?

I used the built-in smart condition called Wired_MAB because it's useful and adapts dynamically to other vendor implementations - see below

And then the rest of the Policy Set would look like this (not sure whether you want to tell ISE to Continue if User not found? And also, what is your Authorization Pol