Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1252
Views
15
Helpful
2
Replies

NEAT interface template delivery description = device name

rodrigofilgueira5562
Level 1
Level 1

‎09-29-2021 04:21 AM

Hi all, 

I have a fully functional Template script getting the policy on ISE and applying it on switchport. Follow the script:

!
template neat-aps2802
switchport trunk native vlan 1123
switchport mode trunk
description ACCESS_POINT
!

Is it possible to receive the device name or device description registered in the Endpoint ISE attributes through RADIUS variable to the description? Here's an example of what I need.

!
template neat-aps2802

description $devicename  
switchport trunk native vlan 1123
switchport mode trunk
description ACCESS_POINT
!

2 Replies 2

howon
Cisco Employee
Cisco Employee

‎09-29-2021 05:10 PM

No, but if you could spare some VLANs, you can name the VLANs as device name and have it sent via RADIUS to ISE:

https://community.cisco.com/t5/security-documents/advanced-ise-tips-to-make-your-deployment-easier/ta-p/3850189#toc-hId--574335339

 

rodrigofilgueira5562
Level 1
Level 1
In response to howon

‎10-01-2021 11:55 AM

I have 50 VLANs and approximately 600 Endpoints. I need something more specific, using the VLAN with a common name to all of the same VLAN makes my routine very laborious.

 

I've already thought about Template NEAT interface where the description calls some kind of script that takes the InternalEndpoint.Description and passes it as a parameter, even more without success.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents