04-20-2017 06:23 AM - edited 03-11-2019 12:38 AM
I am using my ISE for Device Administration, and its working fine, But we have some devices that use Radius, I cannot seem to figure out, where I allow this? I have added Network Devices that use Radius, enabled the Radius Key etc. I made a radius attempt from a radius device and nothing...
Under Allowed Protocols Services, you cant even add Radius as allowed protocol?
Help or sugesstions please?
Thanks
04-21-2017 02:37 AM
RADIUS is the protocol that transports the credentials and facilitates the setup of secure network access, that is why you don't see it there.
For device admin authentication you will probably need to enable "Allow PAP/ASCII" under Authentication protocols.
Share more details about your Authentication and Authorization policies, devices that you are trying to configure, etc.
04-21-2017 04:02 AM
I am just using the "tacacs_Default" Policy, which works fine for TACACS.
I tried to create a new Policy Set, and set it too "default network access" and All ID stores.
Ill try the "allow PAP/ASCII" now
04-21-2017 04:11 AM
I am just using the "tacacs_Default" Policy, which works fine for TACACS.
I tried to create a new Policy Set, and set it too "default network access" and All ID stores.
Allow PAP/ASCII is enabled
04-21-2017 05:26 AM
OK, so what results exactly you are getting?
If you issue this from the device cli "test aaa group radius testuser testpassword legacy " what does the ISE live log show?
04-21-2017 05:36 AM
im not getting any results. I switch my F5 device (which is Radius) to point to my ISE, I can then no longer log in, and there is nothing showing on the ISE, its not a network issue as its in the same subnet...
there are no instructions anywhere to set Radius Device Access and TACACS.
04-21-2017 06:32 AM
Are you definitely pointing the F5 to ISE PSN for auth? Even if the device is unknown to ISE or a protocol is not allowed, you should see an entry in the live log
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: