cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
898
Views
3
Helpful
2
Replies

ISE EAP Chaining

yohh
Cisco Employee
Cisco Employee

Hello,
I have 2 questions which have been asked my a partner.

Please let me know if there is a resource I can find the answers to as well.

Much appreciated!

1. I need to deploy ISE using Eap-Chaining also after success of Eap-chaining , I need to authenticate users using certificates.. is it possible ?

2. I need ISE to use a script if the Wireless NIC is connected and user connected the Wired NIC , the wireless NIC disconnect automatically (using the script) , is it possible ?

- Yale

1 Accepted Solution

Accepted Solutions

Charlie Moreton
Cisco Employee
Cisco Employee

1. I need to deploy ISE using Eap-Chaining also after success of Eap-chaining , I need to authenticate users using certificates.. is it possible ?

Yes, using the AnyConnect NAM Module, you can authenticate with certificates via EAP-TLS

2. I need ISE to use a script if the Wireless NIC is connected and user connected the Wired NIC , the wireless NIC disconnect automatically (using the script) , is it possible ?

Again, with the AnyConnect NAM Module, you can connect to the network via a single interface (Wired NIC or Wireless Adapter).  Once one is connected, the other is disconnected.  You can also force which type of connection is allowed.

View solution in original post

2 Replies 2

Charlie Moreton
Cisco Employee
Cisco Employee

1. I need to deploy ISE using Eap-Chaining also after success of Eap-chaining , I need to authenticate users using certificates.. is it possible ?

Yes, using the AnyConnect NAM Module, you can authenticate with certificates via EAP-TLS

2. I need ISE to use a script if the Wireless NIC is connected and user connected the Wired NIC , the wireless NIC disconnect automatically (using the script) , is it possible ?

Again, with the AnyConnect NAM Module, you can connect to the network via a single interface (Wired NIC or Wireless Adapter).  Once one is connected, the other is disconnected.  You can also force which type of connection is allowed.

Awesome, thank you for the quick response.