2976
Views
0
Helpful
1
Replies

Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-07-2019 03:32 AM
Hi!!
We are trying to do a ISE option, were after a X number of failed login attempts the user is send to a specific vlan named "quarantine" vlan, is it possible to do this via the policy sets?
ISE is configured to authenticate users via AD.
Thanks for the help!
Solved! Go to Solution.
Labels:
- Labels:
-
Identity Services Engine (ISE)
1 Accepted Solution
Accepted Solutions
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-07-2019 05:14 AM
You have a couple of options. You could configure default ISE policies to push hosts/users to a restricted network. You could statically assign your interfaces on your NADs to authorize the attached host into a restricted network upon 8021x failure (authentication event fail action authorize vlan xx). If you are running IBNS you can create a template globally and assign to your interfaces that essentially would do that same thing as if you statically assigned ports. Some good stuff here: https://www.cisco.com/c/en/us/products/ios-nx-os-software/identity-based-networking-services/white-paper-listing.html
Good luck & HTH!
Good luck & HTH!
1 Reply 1
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-07-2019 05:14 AM
You have a couple of options. You could configure default ISE policies to push hosts/users to a restricted network. You could statically assign your interfaces on your NADs to authorize the attached host into a restricted network upon 8021x failure (authentication event fail action authorize vlan xx). If you are running IBNS you can create a template globally and assign to your interfaces that essentially would do that same thing as if you statically assigned ports. Some good stuff here: https://www.cisco.com/c/en/us/products/ios-nx-os-software/identity-based-networking-services/white-paper-listing.html
Good luck & HTH!
Good luck & HTH!
