Cisco Community
English
Register
COMMUNITY HELPING COMMUNITY - With your Community actions and contributions, we will donate up to $10,000 to UNICEF by end of January- PARTICIPATE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

2147
Views
0
Helpful
8
Replies
Highlighted
arikawahyono
Beginner
Beginner
‎07-28-2013 09:38 PM
‎07-28-2013 09:38 PM

Mac-Address Different format for Authorization on Cisco ISE

Dear All,

I have problem with my Cisco ISE,

This is the design :

ISE ---- Core Switch ---- 3Com Switch --- PC User

My Case:

Authorization is based on Mac-address and Active Directory,

But user with PC that connect to 3Com swtich is Deny by ISE because the Format Mac-address is different with Cisco,

Mac-address Cisco format :  XX:XX:XX:XX:XX:XX

Mac-address 3Com format :  XXXX-XXXX-XXXX

3Com Switch type is TRICOM 4210 26-PORT.

Anyone have experience with this? and how change the mac-address format in 3Com so user can authorized by Cisco ISE.

note:

authorization based on Active Directory is not problem with 3Com Switch.

Based on my experience, Different product is different format mac-address, so this case not only for 3Com Switch.

Thanks,

Arika Wahyono

Labels:
0 Helpful
Reply
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Eduardo Aliaga
Enthusiast
Enthusiast
‎07-28-2013 09:54 PM
‎07-28-2013 09:54 PM

Hello. Authentication using "Mac address bypass" is not a standard feature. Every vendor does it differently. I don't think this could work, but even if this can be done the solution won't be realiable because it's not standard based.

View solution in original post

0 Helpful
Reply
8 REPLIES 8
Highlighted
Eduardo Aliaga
Enthusiast
Enthusiast
‎07-28-2013 09:54 PM
‎07-28-2013 09:54 PM

Hello. Authentication using "Mac address bypass" is not a standard feature. Every vendor does it differently. I don't think this could work, but even if this can be done the solution won't be realiable because it's not standard based.

View solution in original post

0 Helpful
Reply
Highlighted
Tarik Admani
Advocate
Advocate
‎07-29-2013 12:15 AM
‎07-29-2013 12:15 AM

Hi,

Please check the ise 1.2 release notes for support for mab with non cisco switches. Seems as if some functionality has been added.

http://www.cisco.com/en/US/docs/security/ise/1.2/release_notes/ise12_rn.html#wp354890


Sent from Cisco Technical Support Android App

0 Helpful
Reply
Highlighted
arikawahyono
Beginner
Beginner
In response to Tarik Admani
‎07-29-2013 12:53 AM
‎07-29-2013 12:53 AM

Dear Tarik,

Are you sure with ise 1.2 my case will solved?

my current ISE is 1.1.2.145.

Thanks,

Arik

0 Helpful
Reply
Highlighted
Ravi Singh
Rising star
Rising star
In response to arikawahyono
‎07-29-2013 02:11 AM
‎07-29-2013 02:11 AM

Not sure because it is not listed in compatibility matrix list.

0 Helpful
Reply
Highlighted
arikawahyono
Beginner
Beginner
In response to Ravi Singh
‎07-29-2013 02:17 AM
‎07-29-2013 02:17 AM

Ravi,

Can you show me the compability matrix list?

Thanks,

0 Helpful
Reply
Highlighted
Ravi Singh
Rising star
Rising star
In response to arikawahyono
‎07-29-2013 02:19 AM
‎07-29-2013 02:19 AM

Please find the attached Compatibility list

0 Helpful
Reply
Highlighted
Tarik Admani
Advocate
Advocate
In response to Ravi Singh
‎07-29-2013 07:36 AM
‎07-29-2013 07:36 AM

I do not think Cisco will add these vendors to the supported switch matrix because then it would be a support issue that cisco would have to deal with, much like most of the AD issues I experienced when I worked in TAC. Your best bet would be to run the evaluation license instance in a lab and have a 3com switch point against that.

Other than that I do not recommend upgrading to 1.2 without validating that the new "multi-vendor" MAB support will work on your switch.

PS- Keep in mind that my comments is just my opinion so you may need to open a TAC case for an official answer.

Tarik Admani
*Please rate helpful posts*

0 Helpful
Reply
Highlighted
Ravi Singh
Rising star
Rising star
In response to arikawahyono
‎09-19-2013 09:12 PM
‎09-19-2013 09:12 PM

Please find the attached Compatibility list

Preview file
383 KB
0 Helpful
Reply
Latest Contents
Get the 2021 Cisco Security Outcomes Study
Created by Kelli Glass on 12-01-2020 11:44 AM
0
0
0
0
Usually no news means good news in security, but how do you know what is working, what could be better and where you should invest? Introducing the Cisco Security Outcomes Study. We commissioned an independent survey of 4,800 active security a... view more
What's New in NGFW FTD 6.7, ASA 9.15.1, FXOS 2.9
Created by suhegade on 11-30-2020 02:52 AM
0
5
0
5
Cisco is happy to announce their Fall release, FTD 6.7/ASA 9.15.1/FXOS 2.9, which consists of 104 features across 24 initiatives, addressing technical debt while staying true to our five core investment areas: Ease of Use and Deployment, Unified Policy an... view more
Cyber Ops Pro 350-201 CBRCOR
Created by Gallifrean on 11-25-2020 02:44 PM
1
0
1
0
Does anyone know when and where study resources will become available for this certification?
Is it right way to exclude ? \Program Files\Commvault\*
Created by Pruthvirajnasagoni89418 on 11-24-2020 09:34 AM
0
0
0
0
Hi Team, I have one exclusion provided by internal team which is Is it right way to exclude ?  *\Program Files\XYZ\* , as per Cisco Docs i see its not recommended because it will create performance issue when we use * at starting ,  So... view more
Customer Connection Briefing - Central Log Management using ...
Created by Kelsy Tibshraeny on 11-24-2020 09:27 AM
0
0
0
0
Central Log Management using Cisco Security Analytics and Logging, December 2nd at 8am-9:30am PT Cisco Security Analytics and Logging is Cisco’s Central Log Management solution for Network Operations and Security Outcomes. It is delivered both as a c... view more
Content for Community-Ad
Cisco Community October 2020 Spotlight Award Winners

Follow our Social Media Channels