Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2076
Views
2
Helpful
3
Replies

Radius attribute Class (25) as a condition in AuthZ policy

Go to solution
sahaputh
Level 1
Level 1

‎04-26-2016 09:26 AM

Hi,

How can we configure Radius attribute Class (25) as a condition in AuthZ policy?

This is a Anyconnect scenario,where user authentication from ASA (Radius Access-Request) is sent to ISE and ISE send it to an external Radius server (Proxy Service). External Radius server is sending Access-Accept with the corresponding class attribute. How can we use this received class attribute as a condition in authorization policy. I noticed in dictionaries, Radius Class (ID 25) direction is preconfigured with "OUT" and can't change it since it's System defined. Is there's a way to accomplish this?

Thanks!

TK.

1 Accepted Solution

Accepted Solutions

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎04-27-2016 07:48 AM

This is not a current option. Working this offline to address the use case to see if its a feature request

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎04-27-2016 07:48 AM

This is not a current option. Working this offline to address the use case to see if its a feature request

0 Helpful

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee

‎12-06-2017 12:35 PM

Did we make any progress to have Radius Attribute Class (25) as a condition in authorization policy.

~ Jatin

~Jatin
0 Helpful

Go to solution
hslai
Cisco Employee
Cisco Employee
In response to Jatin Katyal

‎12-06-2017 02:32 PM

Nope. This is tracked by CSCus80472. I will add a release note enclosure in a moment so expect it externally visible in a day or two.

Customers Also Viewed These Support Documents