I configured in a test environment, a windows 10 client, which authenticates using EAP-TLS. Up to here everything works.
The problems arrived with the authorization phase, despite having configured the access list on the WLC, the ISE is unable to use it, even if in the authorization profile I checked the Airspace ACL name, specifying the name of the ACL created on the WLC.
Any suggestions?
Same details:
On the Ise the part of Autorization profile:
The Ise live log about the authentication and authorization show that Ise choose the right policy:
The strange thing is that in the results, the AV-Pairs and the ACL specified in the authorization profile are not indicated:
On the WLC the ACL:
There are two WLCs the foreign and an anchor, the WLAN is on both. It works fine but the ACL is not enforced.
I know the versions are old, and I have already planned the ISE upgrade, and the WLC foreign replacement, but for now I have to use it.