Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Users exist on a RSA server and are organized by groups. I need a way to permit or deny VPN users based on their RSA group. I have RSA passing back the group name upon authentication. I can see it in RSA logs. I don't see it in ISE. I get the authent...
Hi, I am having the same problem solved back in 2018 this post is about. The problem is I went through so many TAC cases. What has changed is new ASA's and ISE 2.4. I have a TAC case but I don't think we are on the same page. See, I have a lab with o...
Wire shark did validate the attribute was sent and received by ISE. But it didn't help in finding correct syntax for ISE to actually accept the attribute return value. That was trial and error.
The problem is the syntax does NOT match between RSA and ISE for the Radius Attribute. That's different than any documentation I have found. We were able to get this working with a TAC case and trial and error.
ISE CiscoSecure-Group-Id - syntax use...
