Many of the 3rd party NAD profiles on this page is based on the community effort and any questions regarding the 3rd party support information within this page should be posted to the community forum. Please do not contact Cisco TAC for support regarding the NAD profiles within this page. Please refer to ISE compatibility guides for Cisco QA tested NADs. Also, read Does ISE support my NAD document for additional information on how to find out support for your NAD.
Get Network Device Profiles
All network device profiles uploaded to the ISE community should be tagged with ise-nad-profile.
Choose Create > Uploaded File and select your exported network device profile XML file. Note: the Communities site will automatically convert your uploaded .XML file into a .ZIP file archive
Write a Description that includes the details about how it was configured and what hardware and software you tested with.
Include ise-nad-profile as one of the Tags. You may include other tags (ise,nad,profile,<vendor>, etc.) but using ise-nad-profile is how we enable you to quickly filter all documents within the Communities site for just network device profiles!
Network Device Profiles and Configs
Starting ISE 2.0, ISE supports third-party network access devices (NADs) for Authentication, Authorization and Accounting as well as advanced ISE flows such as Profiling, Posture assessment, Guess Access and BYOD. See the ISE Compatibility Guides for guidance on known supported vendors & platforms and recommended software versions.
Some of the advanced flows require special support from the NAD, such as RADIUS COA and URL Redirect in order to work properly. In case the NAD doesn't support those capabilities, see ISE 2.1 supports Auth VLAN
Third party NADs that don't support URL redirect can still be used by ISE in Auth VLAN deployment, where in this case, ISE is acting as the DHCP and DNS server. upon user connection, ISE assigns a temporary IP to the endpoint and upon first web request, ISE redirects the user to CWA to perform authentication. after successful authentication the endpoint in connected to the network with IP address assigned by the company's DHCP server. Minimal requirements for this topology is dynamic VLAN assignment and CoA (SNMP or standard).
Note: The first profile for a vendor & device does not have a type. Additional profiles will be named with different Types since multiple Series may use the same profile or the same family may have software updates that change the profile type.N?T
I am looking into purchasing a ASA 5585-x with ssp 60 and 10,000 Anyconnect Premium Peers. If these are an Anyconnect Premium license instead of an Apex will it not work? Or will it have less features. I have tried searching on the subject but there is a ...
We have already Microsoft SCCM and we have Cisco ISE, our design now is built on MAB authentication, but we need now to move to DOT1X, the problem we see is that we use SCCM to deploy Windows images to the new machines so they will be just a bare metal wi...
Dear community, Has anyone faced the issue with 802.1X auth for cisco IP phone 6921? I ran into this problem a few weeks ago, already 3 devices of this model stopped authentication via NAC, and I can't find the reason behind this issue. I know that 6...
I have just finished setting up and migrating from ASAs to FTDs. I want to setup hardware alerts that would let my team know if there is a hardware issue with either of my FTDs. They are in an HA pairing. What would be a good set of alerts to setup? In th...
Hi team, one more question, when the DUO screen is shown in the mail part, we can't put the @, we have to copy and paste from a notepad, is there any way to correct this?this happens on all pc devices when opening anyconnect , it doesn't let you put the @...