Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2062
Views
10
Helpful
1
Replies

RDP vs direct access distinguish on ISE

Go to solution
laurathaqi
Level 3
Level 3

‎07-08-2021 12:39 AM

Dear community, 

 

Is there a way to distinguish RDP access form from direct access on Windows supplicants from ISE? This in order to be able to apply different rules for both use Cases.

 

Any though would be highly appreciated. .

 

Thank you,

Laura  

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
thomas
Cisco Employee
Cisco Employee

‎07-08-2021 07:24 AM

Microsoft does not treat RDP logins as normal user logins and therefore does not trigger an 802.1X authentication event for an RDP login. The switch or wireless controller should not receive an EAP-Start message from a Windows workstation when you login via RDP.

You may consider using the Cisco AnyConnect NAM module which provides the functionality you desire.

Here is another article stating the same:

https://www.ise-support.com/2019/02/05/windows-rdp-and-802-1x-authentications/

View solution in original post

1 Reply 1

Go to solution
thomas
Cisco Employee
Cisco Employee

‎07-08-2021 07:24 AM

Microsoft does not treat RDP logins as normal user logins and therefore does not trigger an 802.1X authentication event for an RDP login. The switch or wireless controller should not receive an EAP-Start message from a Windows workstation when you login via RDP.

You may consider using the Cisco AnyConnect NAM module which provides the functionality you desire.

Here is another article stating the same:

https://www.ise-support.com/2019/02/05/windows-rdp-and-802-1x-authentications/

Customers Also Viewed These Support Documents