02-15-2020 01:15 AM
Hello,
I have a number of end points which appear in ISE as unknown or are wrong provisioned. This is of course because the radius does pass to much information ones a device requests access to the network I would like to make a rule which allows a device to access the network and only allow it access ISE, DHCP and some dummy vlan. Ones ISE has grabed enough data from DHCP and has profiled the device accordingly I would like to trigger COA, get the device disconnected and then allow it to hit the proper rule in the policy set according to its profile. I would like to make this rule for particular identity groups, not all devices, for example canon printers.
How can I acheive it ?
Br
Piotr
Solved! Go to Solution.
02-15-2020 05:24 AM
02-16-2020 05:54 AM
Hi Mike,
Thanks for the excelent answer. I would like to chose the option number two to utilize an ISE portal to allow onboarding (registering) endpoints into respective groups. You have refered me to the guide but I can not find any info how to build such portal ?
Br
Piotr
02-17-2020 08:37 AM - edited 02-17-2020 08:39 AM
There are built in portals provided by Cisco that you can modify and reference in your authz profiles. You can also create custom portals via: https://isepb.cisco.com/#/
Take a peek on labminutes.com/video/sec
They have some good free tutorials. HTH!
02-15-2020 05:24 AM
02-16-2020 05:54 AM
Hi Mike,
Thanks for the excelent answer. I would like to chose the option number two to utilize an ISE portal to allow onboarding (registering) endpoints into respective groups. You have refered me to the guide but I can not find any info how to build such portal ?
Br
Piotr
02-17-2020 08:37 AM - edited 02-17-2020 08:39 AM
There are built in portals provided by Cisco that you can modify and reference in your authz profiles. You can also create custom portals via: https://isepb.cisco.com/#/
Take a peek on labminutes.com/video/sec
They have some good free tutorials. HTH!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: