07-05-2017 09:28 AM
Is it possible to place a profiled endpoint into a group based on where it was learned?
For example, if a Printer was seen and profiled when attached to switch X, place it in the "Known Printers" endpoint group, which an Authorization Policy can reference. This will prevent just *any* printer from being allowed on the network via MAB if the Authentication Policy only references "internal endpoints" and there is no catch-all Authorization Policy to deny access.
Solved! Go to Solution.
07-05-2017 09:40 AM
Yes, you could use RADIUS:NASID to identify the switch you initially connected to then use profiling exception action to statically assign it to an endpoint group.
07-05-2017 09:40 AM
Yes, you could use RADIUS:NASID to identify the switch you initially connected to then use profiling exception action to statically assign it to an endpoint group.
07-06-2017 06:33 AM
For groups of NADs, recommend assign them to NDG. You can then use NDG in Profile Condition.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide