cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

1957
Views
0
Helpful
2
Replies
David Hild
Advisor

Configure ISE to use CAC

I have a customer that requires for ISE to use the CAC cards as identification and authorization. We haven't been able to find much info on this except that it is possible. Can someone please point me to documentation that specifically shows how to configure ISE to use the CAC cards?

1 ACCEPTED SOLUTION

Accepted Solutions
gbekmezi-DD
Contributor

The CAC provides a user certificate to the endpoint. ISE doesn’t need any special integration for that functionality. From ISE’s perspective you treat it like any CA infrastructure. Import roots for trust and use those roots for authenticating. If the endpoint supports the CAC, then you should be able to use it for authentication.

George

View solution in original post

2 REPLIES 2
gbekmezi-DD
Contributor

The CAC provides a user certificate to the endpoint. ISE doesn’t need any special integration for that functionality. From ISE’s perspective you treat it like any CA infrastructure. Import roots for trust and use those roots for authenticating. If the endpoint supports the CAC, then you should be able to use it for authentication.

George

What about logging into the admin console of the appliance using a CAC? This is a DOD requirement, and we cannot seem to get it to work.

Create
Recognize Your Peers
Content for Community-Ad

ISE Webinars


Miss a previous ISE webinar?
Never miss one again!

CiscoISE on YouTube