08-07-2013 08:24 AM - edited 03-10-2019 08:44 PM
Hello,
We've just begun to work with ISE.
Is it the good place to post on ISE, or there is a dedicated forum in another place?
We'd like to create some rule depending of Computer member groups AND Users member groups from AD, but we meet some difficulties.
We've created AD groups for Computers and Users depending of their Department:
Users_1
Users_2
Computers_1
Computers_2
When we create some basics rules regarding one group only:
- with a group Computers_x to attribute a specific VLAN to a computer (when no Windows session is opened), it runs correctly.
- with a group Users_x to attribute a specific VLAN to an user (when Windows session is opened), it runs correctly.
But when we create a rule regarding a group from Computers and one from Users, to attribute a specific VLAN to an user on a specific computer, this rule is not applied.
Is it possible to use ISE on this way?
Thanks for help.
Regards,
Chris
08-13-2013 04:10 AM
Kindly review the below link :
http://www.cisco.com/en/US/docs/solutions/Enterprise/Security/TrustSec_2.0/trustsec_2.0_dig.pdf
08-21-2013 02:54 AM
Enable EAP Chaining— if you want Cisco ISE to allow authentication of both machine and user in the same EAP-FAST authentication.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide