Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
727
Views
0
Helpful
2
Replies

Can ISE use a CAC to log into network devices?

RDrew
Level 1
Level 1

‎11-18-2022 09:28 AM

Hello,

 

I have searched here and on the interwebs but cannot find any definitive answers.

I work in a strict air gapped environment; we currently use ISE as our TACACS server only. The ISE server is integrated with AD so we can use our AD username and password to log into the web gui of ISE as well as all the network devices,

ISE - 3.1.0.518 Patch 1

ASR1001-x Router -9.17.03.05

ASA 5525 FW - 9.12(4)41

Nexus 3048 switch - 9.3(10)

Catalyst 3850 Switch - 9.16.12.07

 

My system admins are starting to make the whole environment PKE compliant mean we need to use a CAC to log into the workstations and domain.

My question is, can or is there a way to set up ISE GUI and the devices to use the CAC for device cli login as well? If so, is there any kind of documentation that I can follow to get this working?

 

Thank you in advance for any help y'all can offer me.

0 Helpful
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎11-19-2022 04:46 AM

if i understand correctly - you looking to use CAC for login to the device, personally NO  and not supported as per I know.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

hslai
Cisco Employee
Cisco Employee

‎11-19-2022 06:29 PM

@RDrew : See ISE TACACS with Smart Card integration 

0 Helpful
Customers Also Viewed These Support Documents