Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1592
Views
0
Helpful
3
Replies

ISE to dynamiclly push Private Vlans on Access switch deployments

Dieter Bez
Level 1
Level 1

‎02-03-2014 05:39 AM - edited ‎03-10-2019 09:20 PM

                   Hi all,

is there a way to push PVLAN configuration via ISE to Access switches.

Currently I'm thinking about an authoration profile with an attribute setting PVLAN.

Has anyone an idea how to push Private VLan configs dynamiclly to Access Ports on Switches.

Thanks for your comments

Labels:
0 Helpful
3 Replies 3

Saurav Lodh
Level 7
Level 7

‎02-03-2014 09:04 PM

You cannot assign private Vlans to switch via ISE

0 Helpful

jan.nielsen
Level 7
Level 7

‎02-04-2014 05:06 PM

Try looking into using switch macros, you should be able to create a custom macro that changes the config of the port in question to make it part of a pvlan community/isolated port or whatever you need and then trigger this macro from ISE with your authorization result. It's used for the feature cisco call NEAT, try searching for that and you should find some examples.

0 Helpful

Naveen Kumar
Level 4
Level 4

‎02-09-2014 09:31 PM

Hello Dieter,

I have found only this docs related to your post:

Cisco Systems' Private VLANs: Scalable Security in a Multi-Client Environment
RFC 5517

https://datatracker.ietf.org/doc/rfc5517/?include_text=1

0 Helpful
Customers Also Viewed These Support Documents