Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
236
Views
0
Helpful
1
Replies

ISE - Branch Wired Design - Non-Converged Access - Best policy on the switch??

martinez.david2
Level 4
Level 4

‎04-07-2014 01:32 AM - edited ‎03-10-2019 09:37 PM

Hello,

 

I would like to understand that it would be the solution the most adapted in architecture ISE when the PSN server is on the central site and my remote site does not possess PSN and no equipments converge access.


What takes place it if my link between site central and remote site is down. In this case, which policy to put on my distant switch?


1/ Check various policies (dot1x -> MAB -> Web-auth) then no block port but just to send a message to the administrator.

2/ Put ACL on router site.

3/ ?? other idea

 

what would be the most adapted policy?

 

Tks a lot

 

bye

Labels:
0 Helpful
1 Reply 1

Venkatesh Attuluri
Cisco Employee
Cisco Employee

‎04-09-2014 08:18 AM

https://supportforums.cisco.com/discussion/11602321/ise-nad-radius-fail-open

0 Helpful
Customers Also Viewed These Support Documents