Solved: Saving auth conditions in 2.6

Josh Morris · ‎11-11-2019

I am coming from v2.2 where I nearly always created and saved authentication and authorization conditions in the condition library then used them in policy. I don't often reuse the conditions, but I like that it made all my rules mostly stay in one line. I am currently testing 2.6 and it seems to me that the in line editor tends to take the need away for saving and re-using conditions, and the policies will be larger than one line typically. I know it's possible to save conditions, but should I be saving them anymore or just creating one-offs in the editor and calling it a day?

Example with both options.

Damien Miller · ‎11-11-2019

I try to avoid saving conditions like the "SecureNet_SSID" example you are giving. It's my very personal opinion that ISE displays saved conditions very poorly. I have to drill down in to the policy and hover over the little "i" to see what it contains. Then once you have the soft list displaying, you can't select and copy anything from it.

Contrasting that to your Wireless - WLAN1, a quick glance and I know exactly what it is doing.

Just my opinion.

View solution in original post

Damien Miller · ‎11-11-2019

I try to avoid saving conditions like the "SecureNet_SSID" example you are giving. It's my very personal opinion that ISE displays saved conditions very poorly. I have to drill down in to the policy and hover over the little "i" to see what it contains. Then once you have the soft list displaying, you can't select and copy anything from it.

Contrasting that to your Wireless - WLAN1, a quick glance and I know exactly what it is doing.

Just my opinion.

Josh Morris · ‎11-12-2019

Thanks, the more I've been playing with 2.6, the more I agree with you.