07-15-2019 07:31 AM - edited 02-21-2020 11:07 AM
Hi All,
As Meraki MS series switches do not support named ACLs being pushed from ISE, we are using the Call Home List feature in ISE to configure posture. The posture is happening completely and the endpoint is being allowed access to the network. In our environment, the AD credentials of the user expired. From the login screen, the user will not have access to AD prior to authentication, therefore the user is forced to use the cached credentials (old credentials). In order to provide access to certain resources, including AD, prior to authentication, we should be able to push a named ACL from ISE to Meraki switches. But unfortunately this is not supported on Meraki switches. Even the URL redirected walled feature is supported from MS 350 series and above, but using that is also not a feasible solution as there might be "n" number of domain controller IPs in an environment.
I would like to know if there is any way to get around this or get this fixed?
Thanks,
Aravind Ravikumar
07-16-2019 12:34 PM
This is a limitation of Meraki MS. Please work with the Meraki team to enter an enhancement request.
Regards,
-Tim
07-15-2019 08:45 AM
07-15-2019 08:50 AM
During or before posture redirection, there is only access to the ISE PSNs. There is no way in the Meraki switch configuration (access policy) to allow the ports.