cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4552
Views
0
Helpful
6
Replies

bluecoat proxy ssg 300-25 administration access using ISE

Meuserid1979
Level 1
Level 1

Hi experts,

 

my customer needs to migrate from acs to ise. this will be for administration access of their devices. they have non-cisco devices and 1 of them is bluecoat proxy. i have tried to configure the way i think it will work but unfortunately no luck. so far below are what have i done:

 

1. added bluecoat vendor id(14501) on ise dictionary

2.  added attribute for admin access. admin access id = 2

3. added attribute for read only access. read only = 1

4. created device profile for bluecoat. using the newly added radius attribute

5. created a policy with the result of "administrative" for admin access. and "login" for read only access. 

 

during testing authentication is successful but doesnt go thru to proxy gui access. the device is re-prompting to username and password window. 

 

anybody have tried this setup ? or maybe can point me to a good document. thanks in advance.

 

regards,

chris 

6 Replies 6

Hi Chris,

Add Bluecoat Proxy under Radius Vendor in ISE Dictionary with vendor id 14501

Under dictionary attribute add 2 new attribute with

Attribute Name : Blue-Coat-Authorization

Data Type: UINT32

Direction: Both

ID: 2

Another attribute with Attribute Name: Blue-Coat-Group

Data Type: UINT32

Direction: Both

ID: 1

 

Under Authorization profile,use network device profile as Bluecoat,then in Advance attribute call the above 2 attributes as:

Blue-Coat-Authorization = 2
Blue-Coat-Group = 2 

-Aravind