Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
266
Views
2
Helpful
2
Replies

"domain-change-failed" condition when creating a Control Class...

rezaalikhani
VIP
VIP

‎08-05-2024 01:51 AM - edited ‎08-05-2024 01:52 AM

Hi all;

When creating a Control Class based on matching condition of "authorization-failure", there are a parameter name "domain-change-failed". Based on official documents, we must use condition if "Specifies that the domain change has failed."

rezaalikhani_0-1722847942090.png

As you can see, this official statement is totally unclear. Can anyone explain more regarding this parameter?

Thanks

2 Replies 2

marce1000
Hall of Fame
Hall of Fame

‎08-05-2024 02:11 AM

 

  - Possibly this refers to the domain name set (or changed) in the running configuration of an ISE node as in :
    ip domain-name newdomain.com

   M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Greg Gibbs
Cisco Employee
Cisco Employee

‎08-05-2024 03:21 PM

This is IBNS 2.0 configuration on the switch and has nothing to do with ISE. My guess is that it's related to a failure to change between the VOICE and DATA domains on the switch for some reason but I've never seen it used.

If deploying ISE, I would highly suggest sticking to the validated IBNS 2.0 configuration documented in the ISE Secure Wired Access Prescriptive Deployment Guide. Tweaking settings outside that could result in unexpected behaviours.

If you really want to chase this down, you might try posting your question along with more details about the switching platform (hardware, software) to the Switching community space.

Customers Also Viewed These Support Documents