Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2519
Views
5
Helpful
1
Replies

Cisco ISE Radius auth for UNFI controller

Go to solution
jthombs1016
Level 1
Level 1

‎08-19-2021 03:57 AM

Hi All

Has anybody got Unfi controller authenticating through radius with Cisco ISE.

I cant seem to find any documentation on the subject.

 

Thanks 

JohnRadius, Device Admin

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Arne Bier
VIP
VIP

‎08-20-2021 11:02 PM

Hi @jthombs1016 

 

Do you mean Unifi Controller from Ubiquity?

 

What are you hoping to achieve ? 802.1X or device admin?

 

If you point the controller at ISE and let the controller construct a RADIUS payload, you can do a tcpdump on ISE to see what attributes it uses - and then build your ISE Policy Set based on that.

At a minimum, the Unifi Controller should accept an Access-Accept back - obviously. But if you want to do anything more fancy than that, then you'll need to experiment. I think VLAN assignment might be pretty standard. But if you want to assign ACLs or anything more vendor specific, then you'll have to contact the vendor (if there is nothing via web search).

I just did a quick Google search and found this.

 

regards

View solution in original post

1 Reply 1

Go to solution
Arne Bier
VIP
VIP

‎08-20-2021 11:02 PM

Hi @jthombs1016 

 

Do you mean Unifi Controller from Ubiquity?

 

What are you hoping to achieve ? 802.1X or device admin?

 

If you point the controller at ISE and let the controller construct a RADIUS payload, you can do a tcpdump on ISE to see what attributes it uses - and then build your ISE Policy Set based on that.

At a minimum, the Unifi Controller should accept an Access-Accept back - obviously. But if you want to do anything more fancy than that, then you'll need to experiment. I think VLAN assignment might be pretty standard. But if you want to assign ACLs or anything more vendor specific, then you'll have to contact the vendor (if there is nothing via web search).

I just did a quick Google search and found this.

 

regards

Customers Also Viewed These Support Documents