06-25-2022 11:54 AM
We are reviewing an ISE deployment.
ISE is trying to authenticate a user with a MAC address.
There is no DB server like Active Directory here.
Collecting the MAC addresses of numerous users is cumbersome.
Any good ideas?
Solved! Go to Solution.
06-27-2022 01:26 PM
at Policy > Policy Set > create a:
Policy Set Name: Wired-MAB
Condition: Wired_MAB
the Authentication Policy:
Rule Name: MAB
Condition: Wired_MAB
Use: Internal Endpoints
Options: If Auth Fail = Continue
the Authorization Policy:
Rule Name: OpenAccess
Condition: Wired_MAB
Result: PermitAccess
at this point, any MAB Request will be accepted.
At Operations > Reports > Reports > Endpoint and Users > RADIUS Authentication > click the Export To = Repository (CSV) to generate a report ... get ALL the MACs looking at the Endpoint ID column.
Hope this helps !!!
06-27-2022 09:55 AM
What is your use-case? What exactly are you trying to do?
https://community.cisco.com/t5/security-documents/how-to-ask-the-community-for-help/ta-p/3704356
06-27-2022 01:26 PM
at Policy > Policy Set > create a:
Policy Set Name: Wired-MAB
Condition: Wired_MAB
the Authentication Policy:
Rule Name: MAB
Condition: Wired_MAB
Use: Internal Endpoints
Options: If Auth Fail = Continue
the Authorization Policy:
Rule Name: OpenAccess
Condition: Wired_MAB
Result: PermitAccess
at this point, any MAB Request will be accepted.
At Operations > Reports > Reports > Endpoint and Users > RADIUS Authentication > click the Export To = Repository (CSV) to generate a report ... get ALL the MACs looking at the Endpoint ID column.
Hope this helps !!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide