11-10-2020 01:36 PM
I'm trying to authenticate a network device and see the Access-Request come into ISE but it isn't matching the correct policy. What value(s) does Normalized Radius RadiusFlowType equals Wired802_1x look at? I am assuming one of the Attribute Value Pairs? I have a Cisco switch that is sending the auth request to the correct policy in ISE but non-Cisco switch is not. I am wondering if the vendor switch isn't sending all of the required attributes? Thanks
Solved! Go to Solution.
11-10-2020 02:06 PM
Hello @ryan14
The definitions of a normalised 802.1X are defined in the Network Device Profiles.
The key thing to remember is that when you add your NAS/NAD to ISE, you should select the vendor - if Cisco, then choose Cisco, if HP Switch, then choose HP etc. This then informs ISE what attributes to look for from those NAS authentications.
11-10-2020 02:06 PM
Hello @ryan14
The definitions of a normalised 802.1X are defined in the Network Device Profiles.
The key thing to remember is that when you add your NAS/NAD to ISE, you should select the vendor - if Cisco, then choose Cisco, if HP Switch, then choose HP etc. This then informs ISE what attributes to look for from those NAS authentications.
11-11-2020 06:27 AM
Thanks for leading me in the right direction. The other vendor isn't sending the Service-Type attribute, thus no match for the policy.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: