Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
80
Views
0
Helpful
1
Replies

Switch AAA config for forescout

Danfurqan
Level 1
Level 1

‎11-16-2024 11:33 AM

Dear experts,

We are moving from ISE to forescout, I need the Cisco switch AAA configuration (global & interface) to allow the scenario of 

1. Limited access of endpoint while it's authenticating 

2. If host authentication is successful and Futher compliance check by forescout is passed, the host would receive a CoA from radius server to full access ACL.

If compliance check fails, the host remains in the limited ACL to remediate.

 

Labels:
0 Helpful
1 Reply 1

Torbjørn
Spotlight
Spotlight

‎11-16-2024 02:48 PM

Your switch config will most likely stay the same, assuming that you have the same functionality configured today. You will however have to define new radius server groups. See the following documentation for this: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9200/software/release/17-12/configuration_guide/sec/b_1712_sec_9200_cg/configuring_radius.html 

If you post your the output of "show run aaa" here we will be able to help you further(remember to remove any sensitive data!).

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev
0 Helpful
Customers Also Viewed These Support Documents