10-17-2018 01:37 PM
Hello,
We have ISE 2.4 installed on VM for Network Users authentication. We have created the policies for Radio Network Device and Provision Server. When the radio privilege users trying to access network device with correct credentials, it is denying access because it is not pointing to right Authorization Policy.. See below Radius Log Message Output.
Authentication Policy | Default >> Default |
Authorization Policy | Default >> Basic_Authenticated_Access |
Authorization Result | DenyAccess |
Can anyone in the community had similar problem? Need help!
Solved! Go to Solution.
10-18-2018 08:59 AM
Hi,
Change the device type from All device type to All device type#Microwave radio#Aviation eclipes radius in network device.
As the policy sets is not matching the precise condition All device type#Microwave radio#Aviation eclipes radius which is meant for Avit eclipes radio access policy set, its hitting the default policy set.
Thanks Aravind
10-18-2018 05:25 AM
It would help to share a screen shot of the Policy Set (Authentication as well as Authorization) and then also the final details pane of the Steps that ISE took. ISE is pretty clear in most cases why something failed.
10-18-2018 08:48 AM
Hi,
Here's how my network is.. My PC is connected to Router and also Radio device and ISE VM installed on the server is connected to the same router.
As requested I have shared my screen shots high lighting the problem area.
The problem here we are facing is.. On Device Setting page when we select all device type, it takes the default policy settings which you should see in my Radius screen shot report attached.
I send to My Cisco ISE Make a Policy Set Screen Shot in below.
Policy.
Actually, I make Policy in Sequential(Round-Robin) Order to follow Rules but It will be Directly to Authenticated Default one..
Thanks,
Bhavin
10-18-2018 08:50 AM
Hi,
Here's how my network is.. My PC is connected to Router and also Radio device and ISE VM installed on the server is connected to the same router.
As requested I have shared my screen shots high lighting the problem area.
The problem here we are facing is.. On Device Setting page when we select all device type, it takes the default policy settings which you should see in my Radius screen shot report attached.
I send to My Cisco ISE Make a Policy Set Screen Shot in below.
Policy.
Actually, I make Policy in Sequential(Round-Robin) Order to follow Rules but It will be Directly to Authenticated Default one..
Thanks,
Bhavin
10-18-2018 08:59 AM
Hi,
Change the device type from All device type to All device type#Microwave radio#Aviation eclipes radius in network device.
As the policy sets is not matching the precise condition All device type#Microwave radio#Aviation eclipes radius which is meant for Avit eclipes radio access policy set, its hitting the default policy set.
Thanks Aravind
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide