03-07-2018 06:12 AM
Hi All !
I need to add a authorization rule by the machine os. With this rule i want allow or deny access, for example if the machine is a windows machine or mac os machine, the user can access to the Lan.
I have a authrorization rule create in my ISE server, but not work. I attach a screen capture.
My ISE Server Version: 2.3.
Thanks so much
Solved! Go to Solution.
03-07-2018 06:25 AM
Hello Cesar,
Start by checking in Context Visibility > Endpoints > Authentication for the MAC address of the Windows workstation. Compare the attributes collected by profiler to the Policy > Profiling conditions for the Windows-Workstation-OS profile. If the conditions required to trigger the Windows-Workstation-OS profile are there, then further checking as to why the Policy Sets policy condition is not being triggered is required. If the conditions required to trigger the Windows-Workstation-OS profile are not there, then further checking into the Profiling configuration is required.
Cheers,
Greg
03-07-2018 06:25 AM
Hello Cesar,
Start by checking in Context Visibility > Endpoints > Authentication for the MAC address of the Windows workstation. Compare the attributes collected by profiler to the Policy > Profiling conditions for the Windows-Workstation-OS profile. If the conditions required to trigger the Windows-Workstation-OS profile are there, then further checking as to why the Policy Sets policy condition is not being triggered is required. If the conditions required to trigger the Windows-Workstation-OS profile are not there, then further checking into the Profiling configuration is required.
Cheers,
Greg
03-07-2018 07:07 AM
I test it
Thanks
04-24-2018 02:37 PM
What kind of profiling are you doing? Are these all wireless or wired? Are you sending DHCP information to ISE via device sensor or WLC radius profiler?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide