Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

ISE - Branch Wired Design - Non-Converged Access - Best policy on the switch??

Hello,

 

I would like to understand that it would be the solution the most adapted in architecture ISE when the PSN server is on the central site and my remote site does not possess PSN and no equipments converge access.


What takes place it if my link between site central and remote site is down. In this case, which policy to put on my distant switch?


1/ Check various policies (dot1x -> MAB -> Web-auth) then no block port but just to send a message to the administrator.

2/ Put ACL on router site.

3/ ?? other idea

 

what would be the most adapted policy?

 

Tks a lot

 

bye

1 REPLY
Cisco Employee

https://supportforums.cisco

https://supportforums.cisco.com/discussion/11602321/ise-nad-radius-fail-open

43
Views
0
Helpful
1
Replies
CreatePlease to create content