03-13-2012 01:21 PM - edited 03-10-2019 06:54 PM
I am testing ISE and Auto Smartports and i got the execution of the macro via ISE working.
However, it seems i MUST enable globally "macro auto global processing " before it the macro is really executed.
I would like to avoid this, as enabling this globally, it will automatically run all standard cisco macros for phones, AP, etc.
To prevent this, i need to configure "no macro auto processing" on each and every interface...
Isn't there another way to enable macros but not run the default macros on all ports. Only run -custom- macros when triggered by ISE ?
regards,
Geert
09-19-2016 08:10 AM
Would you like to share the document that you followed to get Auto Smarports to work with a response from the ISE?
I can´t find anything where it is well explained.
08-02-2017 07:35 PM
In the ISE authorization profile, along with "permit"
If you write the trigger string in the profile and configure a script with this trigger string on the switch, when the EP interface is authorised with your profile, ISE will send a radius attribute calling the switch to run the script on this EP interface.
It was well documented in Cisco TrustSec solution white papers in my memory.
08-02-2017 07:30 PM
With ISE normally the deployment is switch wide, so to enable it globally can simplify the port configuration.
When dot1x is enabled on an interface, the Cisco auto macro will not run until ISE tells the switch so. It is a bit inconvenient but acceptable.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide