3.3
|
Cisco ISE Portals with IPv6 Support
- Sponsor Portal and MyDevices Portal
- Client Provisioning Portal and Certificate Provisioning Portal
- Portals (Hotspot, Self-Registrated, and Sponsored)
- Blocked List Portal
|
| |
Cisco ISE Portal Features with IPv6 Support
- Single Click Sponsor Approval
- Auto Login and Grace Period
- Validation of Credentials for Guest Portal
- Guest Portal Posture Flow using Temporal Agent
- 802.1X / VPN - Posture Flow with Cisco Secure Client / AnyConnect
|
| |
Cisco ISE Posture Features with IPv6 Support
- Cisco Secure Client
- Cisco ISE Temporal Agent
- Agentless
NOTE: The static IP/host name/FQDN field in the common task for web redirection in an authorization profile does not accept an IPv6 address. Instead, specify an FQDN there and make sure the clients able to resolve it to the IPv6 address of the ISE PSN that authenticates them to the network.
|
2.6
|
ISE Management
You can access and manage a Cisco ISE node over an IPv6 address, and configure an IPv6 address to Eth0 (Interface) during setup wizard as well as through CLI. If you choose to configure IPv6 address, you should also have an IPv4 address configured (in addition to IPv6 address) for the Cisco ISE node communication. Hence, dual stack (combination of both IPv4 and IPv6) is required.
You can also manage Secure Socket Shell (SSH) with IPv6 addresses. Cisco ISE supports multiple IPv6 addresses on any interface and these IPv6 addresses can be configured and managed using CLI. |
| |
Network Time Protocol Support
You can access, configure, and manage Network Time Protocol (NTP) servers with IPv4, FQDN, IPv6 addresses, or with a mix of these. Cisco ISE also supports NTP server fallback mechanism and server authentication over an IPv6 address. |
| |
Domain Name System Support
You can configure a combination of IPv4 and IPv6 Domain Name System (DNS) servers and even manage IPv4 or IPv6-based DNS servers through CLI and GUI. Static hostnames can be mapped with IPv6 addresses. |
| |
External Repositories
You can add an external repository in Cisco ISE with an IPv6 address. Communication between a Cisco ISE node and an IPv6 external repository is possible when the node has an IPv6 address configured to Eth0. |
| |
Audit Logs and Reports
You can view the reports relating to login and logout activities, password changes, and operational changes made by you while accessing Cisco ISE through an IPv6 address. These events can be viewed in the audit reports available in the Cisco ISE dashboard. |
| |
Simple Network Management Protocol
Simple Network Management Protocol (SNMP) traps and MIBs can be communicated through IPv6 addresses. You can configure IPv4-based, IPv6-based SNMP or multiple SNMP (a mix of IPv4 and IPv6) servers. |
| |
Access Control Lists And Dynamic Access Control Lists
From Cisco ISE, Release 2.6, you can define Access Control Lists (ACLs), Dynamic Access Control Lists (DACLs) and Cisco Airespace ACLs with IPv6 addresses. |
| |
Active Directory
You can connect to the IPv6 Active Directory from Cisco ISE. |
| |
External Restful Service Portal
External Restful Service is available using an IPv6 client. |
| |
Syslog Client or Logging Targets
You can configure IPv6-based syslog targets. |
| |
Posture
You can access RADIUS servers with an IPv6 address. |
2.4
|
IPv6 Support for RADIUS
IPv6 addresses are now supported for RADIUS configurations. Both IPv4 and IPv6 addresses are supported in:
- Administration > Network Resources > Network Devices page's IP Address field
- Administration > Network Resources > External RADIUS Server page's Host IP field |
| |
SGT
- IPv6 check status
- IPv6 addresses can be used in IP SGT static mappings that can be propagated using SSH or SXP to specific network devices or network device groups
- Create IP static mappings with IPv6 addresses |
2.3
|
IPv6 Support for External ID Store Attributes
Configure the AD and LDAP server with IPv4 or IPv6 address when you manually add the attribute type IP and authenticate the user. |
| |
Support for Network Device with IPv6 Address
- configure the network devices with IPv4 or IPv6 address
- export and import the network devices with IPv4 or IPv6 address
- add Device IPv4 or IPv6 address attribute in the conditions and rules used in the authentication and authorization policies |
| |
IPv6 TACACS Support
- Network Devices
- TACACS Authentication
- TACACS Authorization
- TACACS Accounting
- Connection modes
- Live Logs and Reporting
- Proxy (AAA, Accounting- local, remote)
|
2.2
|
User Custom Attributes with IPv6
|
| |
pxGrid session topic filtering with ipv6
|
2.1
|
Enable or Disable IPv6 on Each Interface
Provides an option from the CLI to enable or disable IPv6 at the interface level. |
2.0
|
Support for IPv6-enabled Endpoints
Cisco ISE can detect, manage, and secure IPv6 traffic from endpoints. You can configure authorization profiles and policies in Cisco ISE using IPv6 attributes to process requests from IPv6-enabled endpoints and ensure that the endpoint is compliant. |
| |
IPv6 Support in Reports
Reports in Release 2.0 support IPv6 values. The Live Session and Live Authentication pages also support IPv6 values. |
| |
IPv6 Support in CLI
ipv6 address — To allow for static IPv6 address configuration per network interface
ipv6 enable — To enable or disable IPv6 on all network interfaces
ipv6 route — To configure IPv6 static routes
ip host — To add IPv6 addresses in host local table
show ipv6 route — To display IPv6 routes |
