Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
932
Views
25
Helpful
2
Replies

IBNS 2.0 / auto smart port replacement

andy!doesnt!like!uucp
Spotlight
Spotlight

‎04-09-2019 12:22 AM

Hi Gurus

i'm looking for ultimate solution for replacement of auto smart port with IBNS 2.0 approach with ISE still acting as dynamic authorization source.

currently our ISE has Auto Smart Port checked & accompanied with name like macro-name & thus sends cisco-av-pair = auto-smart-port=macro_name to the switch during session. macro-name is configured on the switch as macro auto blah-blah & all this makes things to work. I was thinking about downlodable interface templates but i'm lack of good documentation. Can somebody help on the subject?

Labels:
2 Replies 2

mnagired
Cisco Employee
Cisco Employee

‎04-18-2019 04:14 PM

Hello Andyo,

 

ISE doesn't support natively support downloadable interface template.. Similar to auto-smart-port, you can reference an interface template name in the auth policy with interface template still defined on switch. 

 

Refer to below prescriptive deployment guide which i have recently updated and trying to solve the use case for NEAT.. I am sure those setup will help you how to use interface-templates.. 

 

https://community.cisco.com/t5/security-documents/ise-secure-wired-access-prescriptive-deployment-guide/ta-p/3641515?attachment-id=140224#toc-hId--100650304 

 

Let me know.. 

andy!doesnt!like!uucp
Spotlight
Spotlight
In response to mnagired

‎04-20-2019 01:24 AM

Hi man

i was lucky to find necessary docs in the inet recently (inc. document u'v referred to). But thank u anyway.

I have one Q for u: what version of ISE does support concurrent .1x&MAB|WEB authentications without bugs?

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card