Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
961
Views
2
Helpful
2
Replies

ISE 1.4 - Device Administration - How doing authorization based on user machine IP address (Specify IP address allow to manage device)

josedunet
Level 1
Level 1

‎10-23-2016 08:10 AM

Hi All

I am using ISE 1.4 for device administration authentication & authorization. So know when network administrator want to connect to switch and router for administration, they are authenticate and authorize by ISE Radius.

My question is how to given authorization based on IP address of network administrator machine. Specify in authorization IP address allow to connect to device for administration. I don' know how or where specify it. Someone can help me please ?

Thanks in advance.

0 Helpful
2 Replies 2

thomas
Cisco Employee
Cisco Employee

‎10-24-2016 06:12 AM

I believe you're asking for how to do network device administration via the TACACS+ protocol.

TACACS+ is supported in ISE 2.0 and later: ISE 2.0 Release

We have many ISE How-To Guides available that tell you how to do it in the regular ISE Community on the ISE Design & Integration Guides page under Device Administration (TACACS+)

ssambourg
Level 1
Level 1

‎11-22-2016 03:59 PM

Hello,

You can create an ACL on your NAD and add this ACL in the line vty configuration section.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents