11-06-2017 10:53 AM
Team,
We are the middle of a ISE POV and we are validating ISE functionality with a HP 5120 EI Switch based on the configuration template below.
We have validated traditional vlan assignment with the config template below works but when we try to turn on passive id under the HP Network Device Profile there is no option for passive identity tracking. W e also tried duplicating the profile and there also is no option to do so.
I was under the impression that Passive-ID has no NAD dependencies other than sending a Radius or SNMP COA to the NAD to change the endpoints authorization state.
Is passive id tracking supported or not supported with 3rd Party vendors
Please advise
HP-HEC-A550-NAD-Config
11-06-2017 12:25 PM
3rd party NAD with Easy Connect or PID has not been officially tested. If you simply want to expose PID Tracking in the UI, then simply copy one of the Cisco NAD profile and modify it to match settings of the HP device profile. Aside from CoA, note that PID session merge uses IP address as common attribute between network event and AD event and if the HP device is not capable of sending IP via RADIUS accounting, ISE will not be able to merge the two events.
11-06-2017 03:56 PM
This suggestion does not work.
Below is what i did:
1. Copy Cisco ND profile
2. Renamed the Profile to "HPNewNADProfile"
2. Replicated the HP ND switch profile Config into new Cisco Profile named "HPNewNADProfile"
Results are as followed.
1. No option for passive id checking in the Authz Profile
2. Tried to auth a endpoint with new profile and recieved
15052 | Authorization profile/s specified are not suited for this Network Access Device | |
15039 | Rejected per authorization profile | |
11003 | Returned RADIUS Access-Reject |
I must be configuring something wrong please advise
11-06-2017 08:21 PM
Try duplicating the HP Profile and setting vendor to Cisco.
11-07-2017 09:04 PM
See what smashash responded (response 3) @ Can i have step by step guide to Integrate Hp5500 Switch with Cisco ISE 2.2 using mab
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide