cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
69
Views
0
Helpful
2
Replies
Beginner

ISE Authorization Condition

Hi

I have a requirement to setup ISE in such a way that it differentiates between switches within a switch stack. Does anyone know if there is an expression that I could use within an authorization compound condition that will achieve the following:

If a device using MAB connects to switch 1 in the stack it will be assigned to VLAN 10.

If the same device connects to switch 2 in the same stack it will be assigned to VLAN 20.

Thanks

Terry

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Rising star

You could use the interface

You could use the interface numbering as a condition, the switch does not send any information about stack numbering. I don't remember the specific av pair, but you should be able to find it in the live log details.

2 REPLIES 2
Highlighted
Rising star

You could use the interface

You could use the interface numbering as a condition, the switch does not send any information about stack numbering. I don't remember the specific av pair, but you should be able to find it in the live log details.

Beginner

Perfect, thanks Jan

Perfect, thanks Jan

Radius:NAS-Port-Id Starts with GigabitEthernet1/0/

Regards

Terry