cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

2012
Views
0
Helpful
4
Replies
Highlighted
Beginner

Inline Posture between Cisco ISE and Wireless LAN Controller

Hi,

I was looking into Cisco ISE solution for deploying NAC.

I have a question about the network topology.

In  the user guide documents of cisco ISE, it is written that for Wireless  LAN Controllers (WLC) and VPN devices, an additional server, Inline Posture, is needed.

However, in the following integration document, there is not an inline posture between WLC and Cisco ISE server.

https://supportforums.cisco.com/docs/DOC-18121

I  want to know if Inline Posture is a requirement, if not a  requirement, what are the benefits of having it between Cisco ISE Server  and WLC.

Thanks & Regards

Sinan

4 REPLIES 4
Highlighted
Beginner

When doing posture assesment, ISE Needs to send information ack to the network device to change parameters, for example vlan change. In switches this is done with CoA, an extention to the radius protocol.

WLC doesnt support CoA as of v7.1.

Sent from Cisco Technical Support iPad App

Highlighted

Later versions of WLC do support COA. There are versions currently shipping that do support COA

Highlighted
Beginner

Highlighted
Cisco Employee

An Inline Posture node is a gatekeeper that enforces access policies and handles change of authorization (CoA) requests.

following link "Cisco Identity Services Engine Network Component Compatibility, Release 1.2" Lists NAD that support "Session CoA"

http://www.cisco.com/en/US/docs/security/ise/1.2/compatibility/ise_sdt.html

Content for Community-Ad