×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

ISE CoA clarification

Unanswered Question
Jul 15th, 2012
User Badges:

Hi everyone--trying to make sense of ISE licensing and what a client of mine is wanting to accomplish. They want to be able to do dot1X and have the machine authenticate via AD before the user even tries to authenticate and if it's not a domain machine, then do a reject access. My question is that able to be accomplished via base licensing or is that considered posturing/profiling?


Thanks all!


SJ


Sent from Cisco Technical Support iPad App

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Tarik Admani Sun, 07/15/2012 - 11:13
User Badges:
  • Green, 3000 points or more

Scott,


Hi the requirement that you are requesting will work under the base feature set. You do not need advanced and coa is not required to make this work. You can build your authorization policies such that user authentications must pass a check for a previou successful machine authentication.


Thanks,

Tarik Admani


Please remember to rate helpful posts!

Venkatesh Attuluri Tue, 05/28/2013 - 02:32
User Badges:
  • Cisco Employee,

advanced licence is not recquired to acomplish this task .authorization policy can be used for this

Naveen Kumar Tue, 02/04/2014 - 01:14
User Badges:
  • Silver, 250 points or more

Base license is sufficient for this.

Actions

This Discussion

Related Content