Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3694
Views
0
Helpful
8
Replies

Mac-Address Different format for Authorization on Cisco ISE

Go to solution
arikawahyono
Level 1
Level 1

‎07-28-2013 09:38 PM - edited ‎03-10-2019 08:41 PM

Dear All,

I have problem with my Cisco ISE,

This is the design :

ISE ---- Core Switch ---- 3Com Switch --- PC User

My Case:

Authorization is based on Mac-address and Active Directory,

But user with PC that connect to 3Com swtich is Deny by ISE because the Format Mac-address is different with Cisco,

Mac-address Cisco format :  XX:XX:XX:XX:XX:XX

Mac-address 3Com format :  XXXX-XXXX-XXXX

3Com Switch type is TRICOM 4210 26-PORT.

Anyone have experience with this? and how change the mac-address format in 3Com so user can authorized by Cisco ISE.

note:

authorization based on Active Directory is not problem with 3Com Switch.

Based on my experience, Different product is different format mac-address, so this case not only for 3Com Switch.

Thanks,

Arika Wahyono

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Eduardo Aliaga
Level 4
Level 4

‎07-28-2013 09:54 PM

Hello. Authentication using "Mac address bypass" is not a standard feature. Every vendor does it differently. I don't think this could work, but even if this can be done the solution won't be realiable because it's not standard based.

View solution in original post

0 Helpful
8 Replies 8

Go to solution
Eduardo Aliaga
Level 4
Level 4

‎07-28-2013 09:54 PM

Hello. Authentication using "Mac address bypass" is not a standard feature. Every vendor does it differently. I don't think this could work, but even if this can be done the solution won't be realiable because it's not standard based.

0 Helpful

Go to solution
Tarik Admani
VIP Alumni
VIP Alumni

‎07-29-2013 12:15 AM

Hi,

Please check the ise 1.2 release notes for support for mab with non cisco switches. Seems as if some functionality has been added.

http://www.cisco.com/en/US/docs/security/ise/1.2/release_notes/ise12_rn.html#wp354890


Sent from Cisco Technical Support Android App

0 Helpful

Go to solution
arikawahyono
Level 1
Level 1
In response to Tarik Admani

‎07-29-2013 12:53 AM

Dear Tarik,

Are you sure with ise 1.2 my case will solved?

my current ISE is 1.1.2.145.

Thanks,

Arik

0 Helpful

Go to solution
Ravi Singh
Level 7
Level 7
In response to arikawahyono

‎07-29-2013 02:11 AM

Not sure because it is not listed in compatibility matrix list.

0 Helpful

Go to solution
arikawahyono
Level 1
Level 1
In response to Ravi Singh

‎07-29-2013 02:17 AM

Ravi,

Can you show me the compability matrix list?

Thanks,

0 Helpful

Go to solution
Ravi Singh
Level 7
Level 7
In response to arikawahyono

‎07-29-2013 02:19 AM

Please find the attached Compatibility list

0 Helpful

Go to solution
Tarik Admani
VIP Alumni
VIP Alumni
In response to Ravi Singh

‎07-29-2013 07:36 AM

I do not think Cisco will add these vendors to the supported switch matrix because then it would be a support issue that cisco would have to deal with, much like most of the AD issues I experienced when I worked in TAC. Your best bet would be to run the evaluation license instance in a lab and have a 3com switch point against that.

Other than that I do not recommend upgrading to 1.2 without validating that the new "multi-vendor" MAB support will work on your switch.

PS- Keep in mind that my comments is just my opinion so you may need to open a TAC case for an official answer.

Tarik Admani
*Please rate helpful posts*

0 Helpful

Go to solution
Ravi Singh
Level 7
Level 7
In response to arikawahyono

‎09-19-2013 09:12 PM

Please find the attached Compatibility list

Preview file
383 KB
0 Helpful
Customers Also Viewed These Support Documents