Solved: ISE NAS condition for port range

Aravind Ravichandran · ‎10-12-2018

Hi,

I would like to know, is there anyway to create a authorization policy condition based on NAS port id range ?

Also i would like to know, whether the below condition will work ?

-Aravind

Cory Peterson · ‎10-12-2018

That condition will not work, but is can be done with a regex "match" on the nas port id. I have done this and it worked well, but only used it during a pilot and would not recommend it as a common practice as it could become a nightmare to manage.

This regex will match Gi 1-4 , 6 - 9 / 1 - 24:

GigabitEthernet[1-46-9]\/(1[0-9]|2[0-4]|[1-9])\b

View solution in original post

Cory Peterson · ‎10-12-2018

That condition will not work, but is can be done with a regex "match" on the nas port id. I have done this and it worked well, but only used it during a pilot and would not recommend it as a common practice as it could become a nightmare to manage.

This regex will match Gi 1-4 , 6 - 9 / 1 - 24:

GigabitEthernet[1-46-9]\/(1[0-9]|2[0-4]|[1-9])\b

Aravind Ravichandran · ‎10-14-2018

Thanks Cory for your suggestion :)

-Aravind