Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1023
Views
0
Helpful
6
Replies

Cisco Can MAP Internal User + Mac Address for Policy ?

jewfcb001
Level 4
Level 4

‎06-07-2022 01:18 AM

Hi All ,

 

For Cisco ISE , Can configure policy for internal User + mac address ? I mean match user + mac in user attribute . 

 

Thank you.

 

0 Helpful
6 Replies 6

Mohammed al Baqari
Level 11
Level 11

‎06-07-2022 02:02 AM

Hi,

Yes this is possible to match both conditions username and mac address.

**** please remember to rate useful posts
0 Helpful

jewfcb001
Level 4
Level 4
In response to Mohammed al Baqari

‎06-07-2022 02:39 AM

@Mohammed al Baqari 

 

Thank you for answer. And I think If I would like to map User + MAC In User Profile . Can i do ?

0 Helpful

Mohammed al Baqari
Level 11
Level 11
In response to jewfcb001

‎06-07-2022 03:09 AM

You can create custom conditions ANDing the username and MAC representing a
user profile. Then use this condition in your policy.

**** please remember to rate useful posts
0 Helpful

jewfcb001
Level 4
Level 4
In response to Mohammed al Baqari

‎06-09-2022 10:59 PM

@Mohammed al Baqari  

Can you show me some configuration on ISE GUI ?

0 Helpful

Rob Ingram
VIP
VIP

‎06-07-2022 02:08 AM

@jewfcb001 There are a couple of ways, but you can add the MAC address(es) into an endpoint identity group and reference the group name in an AuthZ rule and the username.

 

Use both conditions:

 

Internal User name EQUALS <the internal user>

IdentityGroupName EQUALS <Endpoint Group Name>

 

 

0 Helpful

jewfcb001
Level 4
Level 4
In response to Rob Ingram

‎06-07-2022 02:40 AM

@Rob Ingram 

Thank you for answer. But I would like to map User + MAC in User profile and use 2 attrribute do the policy . Can i do that?

0 Helpful
Customers Also Viewed These Support Documents