cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3514
Views
0
Helpful
4
Replies

Fortinet Integration with ISE/User IP Mapping

klauerma
Cisco Employee
Cisco Employee

Do we support Fortinets Integration with ISE in reference to gathering User to IP Mapping via the ISE syslog?

Thanks, Kevin

4 Replies 4

howon
Cisco Employee
Cisco Employee

I am not aware of official support but there are few syslog messages from ISE that contains user/ip info; Passed authentications or RADIUS accounting.

I am trying to determine whether this could be done because there is a potential ISE opportunity here that would involve over 30k device licenses.   If you are unaware, it leads me to believe that the integration may be possible but you may just not be aware of it.   Is this the case?

I've had some experience setting up wireless authentication as well as VPN authentication on some smaller Fortinet gateways running FortiOS 5.4 and 5.6. Most of the ecosystem within the Fortinet product line is self contained and only recently have I seen the a beginnings of some configuration options that would allow some more robust authentication options. What you are describing is a prime example of context sharing which is the essence of the pxGrid persona of ISE. Unfortunately I don't see Fortinet on the list of vendors that support integrations.

What do you envision this integration would look like? What data are you looking to consume and how would you use that data? I think Fortinet opening themselves up to 3rd party integrations would be very beneficial to their customer base, personally I'd like to see this first in their wireless implementations and the ability to leverage 3rd party portal redirects/acls and expanded RADIUS VSAs.

Hi Kevin,

The discussion needs to move to the PM team.

- Krish