Cisco ISE rule on two active directory domain with trust relationship
If a company has two domains (example abc.com and xyz.com) with trust relationship between these AD, can we setup authorization rules on Cisco ISE for example group IT in abc.com get access to server A and group IT in xyz.com get access to server B? Is this possible? I'm trying this in my lab but it still doesn't work. I connect to abc.com in the AD configuration on ISE and from there I am able to query xyz.com user group. But if I use the xyz.com group in authorization rule, it keeps getting bypassed by ISE. but running normally with abc.com. Please help.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...