Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

ISE CoA clarification

Hi everyone--trying to make sense of ISE licensing and what a client of mine is wanting to accomplish. They want to be able to do dot1X and have the machine authenticate via AD before the user even tries to authenticate and if it's not a domain machine, then do a reject access. My question is that able to be accomplished via base licensing or is that considered posturing/profiling?

Thanks all!

SJ

Sent from Cisco Technical Support iPad App

3 REPLIES

Re: ISE CoA clarification

Scott,

Hi the requirement that you are requesting will work under the base feature set. You do not need advanced and coa is not required to make this work. You can build your authorization policies such that user authentications must pass a check for a previou successful machine authentication.

Thanks,

Tarik Admani

Please remember to rate helpful posts!

Tarik Admani *Please rate helpful posts*
Cisco Employee

Re: ISE CoA clarification

advanced licence is not recquired to acomplish this task .authorization policy can be used for this

Re: ISE CoA clarification

Base license is sufficient for this.

504
Views
5
Helpful
3
Replies
CreatePlease to create content