This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
I would like to ask you if it's possible to use a dynamic Filter-ID attribute in ISE. Our customer is applying different access control for VPN users using a custom attribute called Filter-ID on ACS 5.8. Using this attribute it is possible to use only one authorization profile and assign specific per user ACL configured on the firewalls.
Does ISE support this functionality?
As far as i know, it is possible to configure ISE to deploy per User dACL present in either the internal identity store or an external identity store.
What if firewalls do not support dACL functionality? Which option could we use to follow the same functionality on ISE without need of creating a bunch of new authorization profiles?
Solved! Go to Solution.