Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello everybody,
I have an ISE deployment with 2 nodes, Primary and Secondary (Admin, MnT and PSN), version 2.7.
As we use Cisco ISE for VPN authentication, we have an Identity source sequence composed by 2 sources, Duo MFA and Active Directory. Th...
Hi,
The scenario is exactly as you described it, the DAP handles the AD query. DAP is configured as "RADIUS Token Identity Source" in "Identity Management-External Identity Sources" and then included in the previously mentioned sequence as the prim...
Hi,
Yes, normally it should check the second source if the user is not found in the first one. But it doesn't, if the user is not in the DUO group, then the authentication fails without checking the other sources when set to Reject.
Maybe I should ...
