cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1521
Views
0
Helpful
4
Replies

ISE 2.1 Brocade ICX NAD profile

wileong
Cisco Employee
Cisco Employee

Anyone has a working NAD profile for Brocade ICX 6430 and 6450?

I am looking at using ISE profiling and posture with ISE 2.1. Is walled-garden approach a workable model?

Thanks

Wing Churn

1 Accepted Solution

Accepted Solutions

Craig Hyps
Level 10
Level 10

I should have one in near future.  Working with Brocade to get them on compatibility list and minimally published to NAD profile site for working configs.  Just loaded most current version for 6430 in lab but need a bit more time to test some key functions.  Brocade focus is on 7k series at moment which will be platform to receive all new "identity" features and updates.  8030 is last train to support the 6k series.  When available, profile for devices not officially validated by QA posted here.

Craig

View solution in original post

4 Replies 4

Craig Hyps
Level 10
Level 10

I should have one in near future.  Working with Brocade to get them on compatibility list and minimally published to NAD profile site for working configs.  Just loaded most current version for 6430 in lab but need a bit more time to test some key functions.  Brocade focus is on 7k series at moment which will be platform to receive all new "identity" features and updates.  8030 is last train to support the 6k series.  When available, profile for devices not officially validated by QA posted here.

Craig

Hi Craig,

I have 6430 and 6450 in test lab too and I am still stuck in authentication. ICX seems does not like the idea of machine authentication. From ISE log, I could not get correct syntax for host information and it always appear as host/anonymous but the radius username appear to be in good order.

Any idea?

Thanks

Wing Churn

wileong
Cisco Employee
Cisco Employee

Hi Craig,

Quick update, managed to get everything working with one small issue. Once endpoint moved to "Compliant" state and ISE is pushing CoA to NAD, ICX does not seems to understand "Disconnect" message? How do we get this working?

Thanks

Wing Churn

Screen Shot 2016-10-28 at 5.37.00 PM.pngScreen Shot 2016-10-28 at 5.37.09 PM.png

Hi all,

Managed to find out where went wrong. ICX end require CoA command to accept ISE CoA.

Wing Churn