08-26-2018 08:29 PM
RBAC requirement
1. Is it possible to implement some kind of virtual profile on the ACS so that if the request is from a certain set of ip addresses it redirects the request to a different profile in ACS. Physically it will be single appliance but virtually there will be 2; one for underlay AAA requirements and second for overall AAA requirements.
Solved! Go to Solution.
08-27-2018 06:13 AM
I agree with Richard it sounds like you are asking put Policy Sets in ISE, but if you are asking about ACS then you are talking about Access Service definitions. Both ISE and ACS allow you to carve up the configuration into different rule sets based on a wide variety of definitions (NAD type, NAD IPs, locations, SSID name, VPN tunnel group, RADIUS attributes, etc.)
08-27-2018 12:33 AM
08-27-2018 06:13 AM
I agree with Richard it sounds like you are asking put Policy Sets in ISE, but if you are asking about ACS then you are talking about Access Service definitions. Both ISE and ACS allow you to carve up the configuration into different rule sets based on a wide variety of definitions (NAD type, NAD IPs, locations, SSID name, VPN tunnel group, RADIUS attributes, etc.)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide