Re: ISE have Radius plug-in for ADFS

jideji2006 · ‎03-09-2020

Do Cisco ISE have Radius plug-in for ADFS, I have a unique use case where I want to proxy ADFS authentication to ISE for authorization.

Flow:

End user ---- ADFS ----- ISE for authorization

Arne Bier · ‎03-09-2020

Not that I can see :-(

What is your exact use case? 802.1X network authentication, or portal auth (e.g. SAML) ?

You may have to submit a feature request to Cisco.

jideji2006 · ‎03-10-2020

This is a portal authentication against ADFS and I would like ADFS to proxy the authentication to ISE for authorization.

Cristian Matei · ‎03-10-2020

Hi,

From ISE perspective, it just needs to receive RADIUS requests, match on its policies, and return the authorization. So it's a matter of ADFS to make use of RADIUS. You can use ADFS RADIUS plug-ins by building your own, or look out on the Internet for such available ADFS RADIUS plugins.

Regards,

Cristian Matei.

jideji2006 · ‎03-10-2020

Thanks Cristian. Yes, understand its possible to build one. I was wondering if Cisco has one so I don't spend time trying to build one. If Cisco have pre-build plugin, I do not like the idea of looking for any radius plug-ins on the internet :)

Cristian Matei · ‎03-10-2020

Hi,

Look in the Microsoft community/forums, or on github I'm sure you'll find some already done. For example:

https://github.com/davehope/RadiusAuthenticationAdapter

As far as I'm aware, there is no Cisco validated RADIUS plug-in for ADFS.

Regards,

Cristian Matei.