Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi team!This is currently only a design question — there is no active deployment at the moment.The topology consists of a Border Node (Catalyst 9500) connected to a Nexus pair acting as Fusion routers. The Nexus pair is operating with vPC.From my und...
Hello team!
I configured a SAML integration with ISE and the authentcation and authz is working just fine.
Now I am trying to fine tune it so ISE does not present its web portal and gets the client straight to the SAML web page, but I am not being ab...
Hi Andrii!Oh yes, in the drawing I forgot to change the VLANs in the second option, but the idea is to use different VLANs there. Sorry.So does the second option seem like the better approach?
Hi!
Maybe the problem is that ISE is not able to read the groups that the user is a part of. I had this problem, and in my case the issue was that some user attributes in ISE had their string values changed in Azure. So Azure was sending a value th...
Did you enable the debug for "rest-id-store"?
I think you will have a better ideia what the problem is if you enable it and check on the CLI while the client tries to authenticate.
CLI command after enable the debug:
show logging application ropc/r...
Hi!
@andrianusfranky
I had a similar problem and was able to fix it. I was about to make a post talking about my issue.
I was able to authenticate but when trying to use groups as conditions no groups matched and the authz was getting the default....
Hi!
Found the problem. The SAML integrator config was opening a portal customized that looks just like the ISE Portal. I didn’t have access to the URL, only an image of the web portal, so that’s why I didn’t catch it earlier.
