Hello, I configured my ASA and ISE to do group based authentication for the anyconnect users but I'm not seeing the requests hit ISE at all. I attached my ASA config and on ISE I created a new policy set that looks for requests coming from device type = firewalls and nas-port-type= virtual, authentication rule that looks in AD and in my authorization rules I'm matching based on external groups pulled from AD, and lastly an authorization profile that has class-25 set to the group-policy configured on my ASA. Can you please look this over for me?
Solved! Go to Solution.