Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2472
Views
0
Helpful
1
Replies

ISE authentication policy additional options

Go to solution
Nub65
Level 1
Level 1

‎11-12-2019 11:17 PM

Hello,

Could anyone explain what this additional options do?

ISE.PNG

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni

‎11-13-2019 05:55 AM

Brief overview:
If Auth Fail send radius-reject because client has not met your authc requirements
If user not found in your identity source used send radius-reject. This could be internal endpoints/AD/etc. or all of the above depending on configuration.
If process fail send radius-reject. Process fail could be mab/dot1x process failing/terminating depending on configuration.

Description of options:
Reject: Send ‘Access-Reject’ back to the NAD
Continue: Continue to authorization regardless of authc outcome
Drop: Drop the request and do not respond to the NAD. During this the NAD deems ISE as dead.
HTH!

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni

‎11-13-2019 05:55 AM

Brief overview:
If Auth Fail send radius-reject because client has not met your authc requirements
If user not found in your identity source used send radius-reject. This could be internal endpoints/AD/etc. or all of the above depending on configuration.
If process fail send radius-reject. Process fail could be mab/dot1x process failing/terminating depending on configuration.

Description of options:
Reject: Send ‘Access-Reject’ back to the NAD
Continue: Continue to authorization regardless of authc outcome
Drop: Drop the request and do not respond to the NAD. During this the NAD deems ISE as dead.
HTH!
0 Helpful
Customers Also Viewed These Support Documents