02-05-2019 04:26 AM - edited 02-07-2019 03:44 AM
Requirement: Restrict Partner access to specific destination onl
Solution: Using WLAN with ISE you can restrict partner providing specific destination only
Step1: Create WLAN with Mac Filtering and Allow AAA Override should be enabled.(This should be enable in order to push Airspace ACL from ISE)
Create ALC on WLAN which destination you want to apply.
Step 2: Create an Authorization policy
Step 3: Create Local Identity Group with an user.
Go to Administration>Identity Management> Groups>User Identity Groups
Then create an local user in ISE selecting created user group.
Step 4: Create and authentication policy with Wireless MAB
Step 5:Then create an authentication policy
Here red marked option is created identity group.
Using this policy you can restrict onsite partner access where every partner will have respective destination access using same WLAN and Same source ip block.
Identity base ACL will pushed.
Solved! Go to Solution.
02-05-2019 09:06 PM
Hello, was this a question?
02-05-2019 09:06 PM
Hello, was this a question?
02-07-2019 03:46 AM
It was a solution
04-07-2019 11:57 PM
Yes its a question.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: