Accepted Solutions
if the continue option is used, the next step is authorization policy?
-Correct, the next step would be authz policy.
If none of authentication policies is matched with the user information, the process stop?
-Depends on how you have the authc setup. The authc conditions are as follows:
Each authentication policy has Options:
- Reject: Send ‘Access-Reject’ back to the NAD
- Continue: Continue to authorization regardless of authentication outcome
- Drop: Drop the request and do not respond to the NAD – NAD will treat as if RADIUS server is dead
The screenshot shared below is from this guide: ISE Secure Wired Access Prescriptive Deployment Guide - Cisco Community in this section: Authoring Access Policies on ISE. Here is another valuable resource: ISE Authentication and Authorization Policy Reference - Cisco Community
HTH!
if the continue option is used, the next step is authorization policy?
-Correct, the next step would be authz policy.
If none of authentication policies is matched with the user information, the process stop?
-Depends on how you have the authc setup. The authc conditions are as follows:
Each authentication policy has Options:
- Reject: Send ‘Access-Reject’ back to the NAD
- Continue: Continue to authorization regardless of authentication outcome
- Drop: Drop the request and do not respond to the NAD – NAD will treat as if RADIUS server is dead
The screenshot shared below is from this guide: ISE Secure Wired Access Prescriptive Deployment Guide - Cisco Community in this section: Authoring Access Policies on ISE. Here is another valuable resource: ISE Authentication and Authorization Policy Reference - Cisco Community
HTH!
