10-22-2019 09:21 PM - edited 02-21-2020 09:37 AM
Hi
I am collecting User-IP mapping via User-Agent quarrying the AD servers. But my wireless users authenticate via ISE and I don't see those uses in FMC. Is there a way to configure FMC to get logs from ISE (without PXGrid) or configure something on Windows Auditing to log Cisco ISE authentications?
Thanks
10-22-2019 09:41 PM
For the ISE-authenticated users you should add ISE as an Identity source for your FMC. It does require using pxGrid.
10-22-2019 09:56 PM
In our case not all the devices uses ISE, like wired client do not use ISE.
I believe I am restricted to use either ISE or user-agent, is there any way audit and log authentication logs from ISE to AD audit logs.
10-22-2019 10:42 PM
I have not tested the results but you can configure both ISE and User Agent identity sources for a given FMC.
More details on identity sources can be found here:
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide