11-24-2022 05:01 AM
Hi All
Do you need Cisco ISE to apply SGTs to switches? or could you get other NAC software to apply them via api's etc ?
Could you apply an SGT manually ?
cheers
Solved! Go to Solution.
11-24-2022 05:17 AM
@carl.townshend no you don't need to use ISE, but it's easier. You can send the specific TrustSec (CTS) specific RADIUS Attribute Pairs (AVP) to the switches. https://community.cisco.com/t5/security-knowledge-base/ise-radius-network-access-attributes/ta-p/3616253#toc-hId-725008623
Yes you can apply SGT manually on the switches. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_cts/configuration/xe-16/sec-usr-cts-xe-16-book/cts-subnet-sgt.html
11-24-2022 05:17 AM
@carl.townshend no you don't need to use ISE, but it's easier. You can send the specific TrustSec (CTS) specific RADIUS Attribute Pairs (AVP) to the switches. https://community.cisco.com/t5/security-knowledge-base/ise-radius-network-access-attributes/ta-p/3616253#toc-hId-725008623
Yes you can apply SGT manually on the switches. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_cts/configuration/xe-16/sec-usr-cts-xe-16-book/cts-subnet-sgt.html
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide