Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3471
Views
70
Helpful
5
Replies

How do we check if Cisco ISE configured with RADIUS authentication ?

Go to solution
Network_Sarovani
Level 3
Level 3

‎03-08-2022 11:15 PM

Hello Experts , 

 

How do we check if Cisco ISE configured with RADIUS authentication services or with TACACS ? 

 

 

1 Accepted Solution

Accepted Solutions

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to Network_Sarovani

‎03-09-2022 04:32 AM

yes correct as per the config - that is global config,. you can also check interface config is the same ?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

5 Replies 5

Go to solution
Kasun Bandara
VIP
VIP

‎03-08-2022 11:30 PM

Cisco ISE itself a radius server. also can map to external radius server if required. check below link. 

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/213239-configure-external-radius-servers-on-ise.html#anc7

you can check policies for radius rules or tacacs rules and identify which services are configured. also use live log for radius and tacacs to identify activities for relevant services

 

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎03-08-2022 11:42 PM

ISE is Identity and TACACS/Radius purpose, You can check the end devices configured with ISE IP address:

 

check policies :

 

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/215525-use-radius-for-device-administration-wit.html

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
Network_Sarovani
Level 3
Level 3
In response to balaji.bandi

‎03-09-2022 01:33 AM

I see the below config on switches..So it means we are using radius ?

 

aaa new-model
!
!
aaa group server radius ISE
server name ISE1
server name ISE2
ip radius source-interface Vlan201
!
aaa authentication login default group ISE local
aaa authentication dot1x default group ISE
aaa authorization exec default group ISE local
aaa authorization network default group ISE
aaa accounting update newinfo periodic 2880
aaa accounting identity default start-stop group ISE
aaa accounting exec default start-stop group ISE
!
!
!

Go to solution
Rob Ingram
VIP
VIP
In response to Network_Sarovani

‎03-09-2022 02:04 AM

@Network_Sarovani check the ISE Live Logs or Device Admin Logs to determine whether there are RADIUS and/or TACACS sessions.

 

On the switches you can run "show authentication session" to determine whether there are active sessions.

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to Network_Sarovani

‎03-09-2022 04:32 AM

yes correct as per the config - that is global config,. you can also check interface config is the same ?

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Customers Also Viewed These Support Documents