09-10-2020 12:42 AM
Hi guys,
I am trying to create a policy set rule for network access in which I would like to do 1 big OR in between and 2 AND but I could not find a way to do it.
Thanks,
Chris.
Solved! Go to Solution.
09-10-2020 06:54 AM
You will have to create library conditions to be able to mix and match AND's and OR's. So library condition to hold all of your OR's and then in your policy, just use AND to combine the conditions. Hard to tell what you are wanting to do from your screenshot.
09-10-2020 06:54 AM
You will have to create library conditions to be able to mix and match AND's and OR's. So library condition to hold all of your OR's and then in your policy, just use AND to combine the conditions. Hard to tell what you are wanting to do from your screenshot.
09-10-2020 07:03 AM
Hi, trying to create a rule that will combine 2 AND's separated by an OR(AD group AND Network compound condition) OR (another AD group AND Network Compound)
If that makes sense.
09-10-2020 04:05 PM
There is no way to configure that kind of complex structure in the AuthZ policy in ISE 2.2, but you can create a more complex Compound Condition with various AND/OR statements using pre-configured Simple Conditions. You need to create your Simple Conditions first, then create a new Compound Condition, add one of your Simple Conditions, then switch to the Advanced View. From there, you can create all kinds of AND (&) OR (|) and NOT (!) combinations. The new Condition Studio in ISE 2.3+ is much more flexible in this way.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: