cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

1366
Views
0
Helpful
6
Replies
Wales007
Beginner

Does ISE 1.1 support TACACS and H-REAP?

Hello,

Does ISE1.1 support TACACS/TACACS+ and H-REAP mode ?

Also, customer wants to have quick access to the corporate network with some few laptops without going through the Actice Directory? Any suggestion on this?

Thanks

Olu

6 REPLIES 6
Tarik Admani
Advocate

Hi,

ISE does not support tacacs. You can create internal users within the ISE database and can assign them to the network.

Please provide the controller code that the customer is running with regards to your second question (hreap).

Thanks

Tarik Admani
*Please rate helpful posts*

Wales007
Beginner

Its 5508 WLC with version 7.2 on it.

For the last bit, i was thinking of using Pre-shared key on the WLC with the PSK only known to the Network Adminstrator and getting it changed frequently.

Let me know your thoughts about this.

Thanks

Olu

Will we require the use of the Active Directory (AD) if we use EAP-TLS or EAP-TTLS to authenticate users?

Olu

EAP-TLS does not rely on AD.

CA root cert is installed on ACS for trust and identity.

you can elect to Perform Binary Certificate Comparison with Certificate retrieved from LDAP or Active Directory

Users and Identity Stores > Certificate Authentication Profile > Edit: "CN Username"

see the checkbox at the bottom.

I do EAP TLS machine auth only without integrating AD into the policy at all.

hth,

jk

vikasyad
Beginner

No ISE 1.1 does not support tacacs+  but it is on the roadmap and will  start supporting from ISE 2.0 which will release later next year.

pavan.gokarn
Beginner

ISE 2.0 onwards will start supporting tacacs+ but not current version

Sent from Cisco Technical Support Android App

Content for Community-Ad