09-10-2020 12:42 AM
Hi guys,
I am trying to create a policy set rule for network access in which I would like to do 1 big OR in between and 2 AND but I could not find a way to do it.
Thanks,
Chris.
Solved! Go to Solution.
09-10-2020 06:54 AM
You will have to create library conditions to be able to mix and match AND's and OR's. So library condition to hold all of your OR's and then in your policy, just use AND to combine the conditions. Hard to tell what you are wanting to do from your screenshot.
09-10-2020 06:54 AM
You will have to create library conditions to be able to mix and match AND's and OR's. So library condition to hold all of your OR's and then in your policy, just use AND to combine the conditions. Hard to tell what you are wanting to do from your screenshot.
09-10-2020 07:03 AM
Hi, trying to create a rule that will combine 2 AND's separated by an OR(AD group AND Network compound condition) OR (another AD group AND Network Compound)
If that makes sense.
09-10-2020 04:05 PM
There is no way to configure that kind of complex structure in the AuthZ policy in ISE 2.2, but you can create a more complex Compound Condition with various AND/OR statements using pre-configured Simple Conditions. You need to create your Simple Conditions first, then create a new Compound Condition, add one of your Simple Conditions, then switch to the Advanced View. From there, you can create all kinds of AND (&) OR (|) and NOT (!) combinations. The new Condition Studio in ISE 2.3+ is much more flexible in this way.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide