Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1349
Views
0
Helpful
1
Replies

ISE + AnyConnect Policy Set

camo
Level 1
Level 1

‎05-01-2021 09:17 AM - edited ‎05-01-2021 04:27 PM

Hello all,

 

Is there a way to make different policy set based on client supplicant?

 

if AnyConnect; then Allowed Protocol is FAST

else Allowed Protocol is PEAP

 

The problem is that we have some people with AnyConnect and others with windows native supplicant. The allowed protocol is PEAP and FAST.

But Anyconnect has trouble to connect and the log in ISE says that

supplicant has abandoned EAP Session and Started new.

ISE is proposing PEAP to Anyconnect.

 

Thanks.

0 Helpful
1 Reply 1

hslai
Cisco Employee
Cisco Employee

‎05-02-2021 07:49 PM

What you asking is not possible. You amy try setting the preferred EAP protocol to EAP-FAST.

AnyConnect NAM and ISE should be able to negotiate and agree on EAP protocols to use. I hope you are using the latest AnyConnect release. Please engage Cisco TAC if you still need help.

0 Helpful
Customers Also Viewed These Support Documents