Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2985
Views
0
Helpful
3
Replies

Cisco ISE 2.1 - Where configure CoA shared secret?

Go to solution
Bernhard Roth
Level 1
Level 1

‎02-06-2017 10:13 AM - edited ‎03-11-2019 12:26 AM

Hello!

I have a test installation of Cisco ISE 2.1 (Patch 2).

I have configured a switch with aaa dynamic author, IP of ISE and a shared secret for correct CoA operation.

When doing a CoA operation, the switch does complain about a wrong secret.

I have searched a lot in docs and the web interface but maybe I'm a bit blind.

Where can I configure the shared secret for my switch on ISE web interface?

Best regards,

Bernhard

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rahul Govindan
VIP Alumni
VIP Alumni

‎02-06-2017 11:25 AM

AFAIK, the shared secret section under Administration > Network Resources > Network Devices is used for both Radius and COA. So you only have to define it once on your ISE.

For switches, you have to define it twice, but if you are using it with ISE, you need to have it set to the same.

WLC also has one definition for shared secret if I recall correctly.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Rahul Govindan
VIP Alumni
VIP Alumni

‎02-06-2017 11:25 AM

AFAIK, the shared secret section under Administration > Network Resources > Network Devices is used for both Radius and COA. So you only have to define it once on your ISE.

For switches, you have to define it twice, but if you are using it with ISE, you need to have it set to the same.

WLC also has one definition for shared secret if I recall correctly.

0 Helpful

Go to solution
Bernhard Roth
Level 1
Level 1
In response to Rahul Govindan

‎02-06-2017 11:43 AM

Thank you very much! It works!

It was a bit strange for me to believe that the same shared secret had to be configured twice on a single switch.

Do you "have to know it" or is there somewhere a reference in the documentation?

0 Helpful

Go to solution
Rahul Govindan
VIP Alumni
VIP Alumni
In response to Bernhard Roth

‎02-06-2017 11:56 AM

Interestingly, I have not found this documented anywhere, know it from trial and error (more of the error). It probably is hidden somewhere within the bundles of information on the Cisco documentation site :)

0 Helpful
Customers Also Viewed These Support Documents