cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1734
Views
5
Helpful
2
Replies

Cisco ISE Security Group and Virtual network.

percybrathwaite
Level 1
Level 1

Where do you define the "Virtual Network" that is associated with the Security Group shown in the policy results configuration?

 

Virtual.PNG

1 Accepted Solution

Accepted Solutions

Mike.Cifelli
VIP Alumni
VIP Alumni
If your ISE cluster is integrated with DNAC for SDA you have to ensure that the host onboarding auth policy unique string matches in your ISE authz profiles otherwise your anycast GW will not come up. When you assign IP pools to your VNs under host onboarding you will see something like this: 192_168_0_0-Network1. You can then copy this string and paste it in your authz profile under the vlan check box. Then in your authz policy assign that profile and select the SGT you wish to assign under authz results. Good luck & HTH!

View solution in original post

2 Replies 2

Mike.Cifelli
VIP Alumni
VIP Alumni
If your ISE cluster is integrated with DNAC for SDA you have to ensure that the host onboarding auth policy unique string matches in your ISE authz profiles otherwise your anycast GW will not come up. When you assign IP pools to your VNs under host onboarding you will see something like this: 192_168_0_0-Network1. You can then copy this string and paste it in your authz profile under the vlan check box. Then in your authz policy assign that profile and select the SGT you wish to assign under authz results. Good luck & HTH!