ISE 1.2 - Match Policy Set based on endpoint identity group?
Hello, I would like to create a condition that would force MAB'd clients to hit a certain policy set if their MAC address matches one in an endpoint identity group? Is this possible? I feel like a condition can be created using a combination of attributes, but I cannot seem to hit on it properly. Thanks.
Thanks. I have the basic wired/wireless policy sets, but would like a more detailed level of policy sets for some of my lab machines that need individual DACLs. I dont want to saturate my policy with DACLs. So I would like MAB'd users to enter the Lab Machine Policy Set if they fall in a certain endpoint identity group.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...