Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1475
Views
0
Helpful
2
Replies

ISE - Radius Token Server Calling-Station-ID Pass through Support

Go to solution
gaoppel
Cisco Employee
Cisco Employee

‎12-17-2018 06:21 AM

Currently working on a integration with an External Radius Server for external Authentication within Cisco ISE, but when configured Cisco ISE does not pass along the "Calling-Station-ID" attribute.  This reduced the visibility on the Radius Integration by not including this value.  Please confirm there is not a setting that I am missing to pass this attribute through to the External Radius Token Server which can be logged by the External Radius Token Server.  If this currently does not exist, I would like to see this added as there are several use cases that this would benefit from.

 

Let me know, and have a wonderful day!

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Timothy Abbott
Cisco Employee
Cisco Employee

‎12-17-2018 07:45 AM

Hi,

 

From the admin guide:

RADIUS Token Server User Authentication

Cisco ISE obtains the user credentials (username and passcode) and passes them to the RADIUS token server. Cisco ISE also relays the results of the RADIUS token server authentication processing to the user.

 

It appears that ISE only sends user credentials to the token server.  I will forward your request to the team to ensure an enhancement is documented.

 

Regards,

-Tim

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Timothy Abbott
Cisco Employee
Cisco Employee

‎12-17-2018 07:45 AM

Hi,

 

From the admin guide:

RADIUS Token Server User Authentication

Cisco ISE obtains the user credentials (username and passcode) and passes them to the RADIUS token server. Cisco ISE also relays the results of the RADIUS token server authentication processing to the user.

 

It appears that ISE only sends user credentials to the token server.  I will forward your request to the team to ensure an enhancement is documented.

 

Regards,

-Tim

0 Helpful

Go to solution
hslai
Cisco Employee
Cisco Employee

‎12-17-2018 01:39 PM

If you would like ISE to pass more attributes, then please configure External RADIUS servers and RADIUS server sequences, and then use the configured RADIUS server sequence as the box for "Allowed Protocols / Server Sequence" to proxy the entire request over to them, instead of using RADIUS token server.

0 Helpful
Customers Also Viewed These Support Documents