Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1625
Views
5
Helpful
2
Replies

Cisco ISE Security Group and Virtual network.

Go to solution
percybrathwaite
Level 1
Level 1

‎11-05-2019 04:54 AM

Where do you define the "Virtual Network" that is associated with the Security Group shown in the policy results configuration?

 

Virtual.PNG

2 people had this problem
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni

‎11-05-2019 07:21 AM

If your ISE cluster is integrated with DNAC for SDA you have to ensure that the host onboarding auth policy unique string matches in your ISE authz profiles otherwise your anycast GW will not come up. When you assign IP pools to your VNs under host onboarding you will see something like this: 192_168_0_0-Network1. You can then copy this string and paste it in your authz profile under the vlan check box. Then in your authz policy assign that profile and select the SGT you wish to assign under authz results. Good luck & HTH!

View solution in original post

2 Replies 2

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni

‎11-05-2019 07:21 AM

If your ISE cluster is integrated with DNAC for SDA you have to ensure that the host onboarding auth policy unique string matches in your ISE authz profiles otherwise your anycast GW will not come up. When you assign IP pools to your VNs under host onboarding you will see something like this: 192_168_0_0-Network1. You can then copy this string and paste it in your authz profile under the vlan check box. Then in your authz policy assign that profile and select the SGT you wish to assign under authz results. Good luck & HTH!
Customers Also Viewed These Support Documents