03-21-2016 06:47 AM
Can someone help me with the below request? Juniper is in my account and doesn’t support Web Redirection today. They would like to add this feature to their switches. Do we support anything they will send us or are we looking for specific attributes? My customer is using ISE 2.0.
---------------------------------------
We would like to add some additional functionality for supporting Cisco’s URL-redirect format. If you could provide me with the message format that is required, I should be able to make this happen in support of the customer. We would want to use the method that uses MAC/IP, not the SessionID. I basically need to know what attributes and format the ISE server is expecting from a third-party switch.
Solved! Go to Solution.
03-21-2016 08:28 AM
Hi Joseph,
We support all standards-based RADIUS messaging. For advanced functionality (BYOD, MDM, Posture, etc), the network access device must support RADIUS Change of Authorization and URL-Redirect. In ISE 2.0, we introduced support for 3rd party CoA and URL-redirect messaging in addition to the Cisco VSA. Take a look at the network access device profiles for 3rd party switches in ISE 2.0 to get a sense of what we can work with.
Regards,
-Tim
03-21-2016 08:28 AM
Hi Joseph,
We support all standards-based RADIUS messaging. For advanced functionality (BYOD, MDM, Posture, etc), the network access device must support RADIUS Change of Authorization and URL-Redirect. In ISE 2.0, we introduced support for 3rd party CoA and URL-redirect messaging in addition to the Cisco VSA. Take a look at the network access device profiles for 3rd party switches in ISE 2.0 to get a sense of what we can work with.
Regards,
-Tim
03-21-2016 01:02 PM
Joseph,
This is a question which we already discussed directly and should be followed up as part of customer sales process.
Per this discussion, the NAD profile defines what we expect from 3rd-party NAD. The Authorization Profile defines what is sent to NAD.
/Craig
01-31-2019 12:51 PM
The issue we are currently having is getting ISE to work with our Juniper switches.
The main issues is that Web Authentication is not working, this is a feature not supported in the code of software we are running
Switch - Juniper EX200-24p
JUNOS 12.3R12-S10 – current version of software recommended by Juniper
JUNOS 15.1R3 – working version not recommended on our model of switch
I don’t know if there is a workaround for this but Juniper have advised us to upgrade the switches to a higher model which we cannot do as we have 1300 of these switches!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide