03-15-2012 03:36 AM - edited 07-03-2021 09:47 PM
Folks,
I am trying to write a policy that involves 3 things
1) Ip address of the controller
2) Identity method
3) Authentication type
Can someone guide me in the right direction on how about doing such a policy in ACS 5.2.
I do not know what fields to pick on ACS to write different policies involving these 3 attributes.
Thanks,
Parwal
03-15-2012 03:44 AM
Can you be more specific on #2 and #3.
Thanks,
Scott Fella
Sent from my iPhone
03-16-2012 07:39 PM
Scott,
I would like to write a policy on my ACS 5.2 that considers the controller the request is coming from and in addition to that considers the following:
2) Identity: Internal User or NAC profiler or Certificate profile
3) Eap Authentication method: Eap-Fast, Leap
Can you point me in the right direction.
Parwal
03-17-2012 05:57 AM
Well you have to be more specific with your policies. For example, identity would be one of the following: AD user, internal ACS accounts, etc. for the EAP authentication method, you basically allow only those protocols. If you have one SSID using EAP-Fast and another using LEAP, then you would need to create two Network Access Policies. I really still don't know what your design is and that is why I'm throwing out some examples. The ACS Configuration Guide is a good reference.
Thanks,
Scott Fella
Sent from my iPhone
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: