01-14-2016 08:38 PM - edited 03-10-2019 11:23 PM
Company Acme wants to use ISE to authenticate against their VPN. They have different connection profiles for different access. They don’t use the dropdown, they use the URL.
We have three test users
User1:
Memberof: pci,it, users
User2:
Memberof: facilities, users
User3:
Memberof, users, it
I don’t think we can break out connection profiles in ISE, so how would we make sure this work?
if User3 connects to the acme.com/it how do we make sure he gets the IT access rather than user?
If User2 connects to acme.com/user how do we make sure he gets user privilege rather than facilities?
In the past I've used NPS and I haven't had the issue of overlapping groups like this.
Thanks!
Solved! Go to Solution.