Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
484
Views
1
Helpful
1
Replies

Authorization policy does not match for SessionLimitExceeded condition

Go to solution
rezaalikhani
VIP
VIP

‎02-10-2024 01:17 AM - edited ‎02-10-2024 01:18 AM

Hi all;

In my scenario, I want Contractor guests to have only one simultaneous session to ISE. If they exceed this limitation, a message will appear for them. Therefore, I have configured the settings based on the following:

rezaalikhani_0-1707555111782.png

I also created the following authorization rule for this purpose:

rezaalikhani_1-1707555327627.png

For testing purpose, the guest user logins to the portal without any problem as you can see below:

rezaalikhani_2-1707555704268.png

Now the same guest user tries to access the network using another system:

 

rezaalikhani_3-1707555862828.png

Now the same user tries to login from the second system:

 

rezaalikhani_5-1707555994921.png

After login, he connects to the network without any problem.

The strange thing is that, after inspecting the created authorization rule for exceeded guests, nothing has been matched with the rule as you can see below:

rezaalikhani_7-1707556200656.pngrezaalikhani_8-1707556281320.png

Any ideas?

Thanks

 

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
hslai
Cisco Employee
Cisco Employee

‎02-12-2024 06:05 PM

@rezaalikhani Try removing the library condition Guest_Flow, as done at ISE Guest - Configure Maximum Simultaneous Logins for Endpoint Users 

View solution in original post

1 Reply 1

Go to solution
hslai
Cisco Employee
Cisco Employee

‎02-12-2024 06:05 PM

@rezaalikhani Try removing the library condition Guest_Flow, as done at ISE Guest - Configure Maximum Simultaneous Logins for Endpoint Users 

Customers Also Viewed These Support Documents