cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
321
Views
0
Helpful
1
Replies

Matching AuthZ rule before NMAP scan

Josh Morris
Level 3
Level 3

I have some devices that are hitting my default (open) rule that I want to hit an earlier rule. The problem is that I am not getting enough attributes from them until I have the profile perform an NMAP scan. But the device has already performed auth at this point. Once it finishes the NMAP scan, there may be enough information to put it in the right Authorization rule. How do I force reauth after NMAP has completed?

1 Accepted Solution

Accepted Solutions

hslai
Cisco Employee
Cisco Employee

Please ensure the ISE deployment has the latest patch, profiling CoA enabled on ISE (see ISE Global Profiling Settings), CoA enabled on the network devices, and, of course, authorization configured for the change.

View solution in original post

1 Reply 1

hslai
Cisco Employee
Cisco Employee

Please ensure the ISE deployment has the latest patch, profiling CoA enabled on ISE (see ISE Global Profiling Settings), CoA enabled on the network devices, and, of course, authorization configured for the change.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: