i'm looking for ultimate solution for replacement of auto smart port with IBNS 2.0 approach with ISE still acting as dynamic authorization source.
currently our ISE has Auto Smart Port checked & accompanied with name like macro-name & thus sends cisco-av-pair = auto-smart-port=macro_name to the switch during session. macro-name is configured on the switch as macro auto blah-blah & all this makes things to work. I was thinking about downlodable interface templates but i'm lack of good documentation. Can somebody help on the subject?
ISE doesn't support natively support downloadable interface template.. Similar to auto-smart-port, you can reference an interface template name in the auth policy with interface template still defined on switch.
Refer to below prescriptive deployment guide which i have recently updated and trying to solve the use case for NEAT.. I am sure those setup will help you how to use interface-templates..
Let me know..
i was lucky to find necessary docs in the inet recently (inc. document u'v referred to). But thank u anyway.
I have one Q for u: what version of ISE does support concurrent .1x&MAB|WEB authentications without bugs?