Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
820
Views
0
Helpful
1
Replies

ISE 2.2 MYSQL database design MAB

Richard Lucht
Level 1
Level 1

‎03-16-2018 08:26 AM - edited ‎02-21-2020 10:49 AM

Hello all, So I followed the guide https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine-22/210521-Configure-ISE-2-2-for-integration-with-M.html for setting up MySQL and connecting it to ISE.  That connection part works fine.  MySQL is working fine.  The guide shows setting up a users group then a table for groups and mapping users to those groups.  I understand that part.  What I am looking for is a very simple setup.  I what to set up one group that stores mac address that we can use mac address bypass.  The MAB will be for devices that we can't put certs on like printers and other peripheral devices.  

 

Does anyone have a MySQL database design for mac address bypass that would be willing to share?  

Labels:
0 Helpful
1 Reply 1

Octavian Szolga
Level 4
Level 4

‎03-19-2018 02:24 AM

Hi,

If you want to use a MYSQL db to store your MACs in it, there's not need for a design document.

You just have to edit the MAB rule to something like:

Wired or WiFi MAB request -> search user (MAC) in identity store -> your_mysql_db

 

Thanks,

Octavian

0 Helpful
Customers Also Viewed These Support Documents