Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
292
Views
0
Helpful
3
Replies

ISE 1.2 - Match Policy Set based on endpoint identity group?

Josh Morris
Level 3
Level 3

‎09-12-2014 07:23 AM - edited ‎03-10-2019 10:01 PM

Hello, I would like to create a condition that would force MAB'd clients to hit a certain policy set if their MAC address matches one in an endpoint identity group? Is this possible? I feel like a condition can be created using a combination of attributes, but I cannot seem to hit on it properly. Thanks.

Labels:
0 Helpful
3 Replies 3

nspasov
Cisco Employee
Cisco Employee

‎09-15-2014 02:44 PM

Sorry to bring the bad news but that is not possible. You cannot use the "endpoint group" as an attribute when creating an "authentication" condition. 

What exactly are you trying to accomplish? Give us some more details and perhaps there is a different solution for you. 

 

Thank you for rating helpful posts!

0 Helpful

Josh Morris
Level 3
Level 3
In response to nspasov

‎09-16-2014 07:10 AM

Thanks. I have the basic wired/wireless policy sets, but would like a more detailed level of policy sets for some of my lab machines that need individual DACLs. I dont want to saturate my policy with DACLs. So I would like MAB'd users to enter the Lab Machine Policy Set if they fall in a certain endpoint identity group.

0 Helpful

nspasov
Cisco Employee
Cisco Employee
In response to Josh Morris

‎09-16-2014 05:39 PM

The cleanest way to to this would be to dedicate:

1. (Wired) A test switch where all of your test devices are connecting. You can then build a policy set that matches against that NAS.

2. (Wireless) A test SSID and/or a controller (virtual or 2504). You can then build a policy set that is dedicated to that SSID 

 

Thank you for rating helpful posts! 

0 Helpful
Customers Also Viewed These Support Documents