Hi, I have a problem
I setup ISE join it to AD, get from AD group name, and add it to ISE as external identity group. Then I make simple authentification policy rule which says, if protocol RADIUS than use AD1 store.
After this I create authorization police rule, and it says that if external group from AD then permit access.
And now when I try to connect via ASA, using anyconnect client, my authentification log says that I choose default authorization rule. Seems like ISE does not check my username for external group membership.
Why it's happens ?
Thanks