Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ISE policy based on user location

I'd like to create a policy that would be applied to our wireless clients based on their location. According to all the ISE documentation this is possible; however I haven't found any documentation explaining how. Was anyone created such a policy? If so, could you provide some assistance on how you were able to determine the clients location? Thank, Rick
1 REPLY
Cisco Employee

Cisco ISE allows you to

Cisco ISE allows you to create hierarchical Network Device Groups (NDGs) that contain network devices. NDGs logically group network devices based on various criteria such as geographic location, device type, and the relative place in the network (like "Access Layer" or "Data Center," for example).


Managing Network Device Groups

http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/user_guide/ise_user_guide/ise_man_network_devices.html

Once you are done with that you can create a rules under policy elements based on device location. In your case it would be a WLC. Remember, it would be location of the network access device and not the end client. If condition matches you will get the desired results.

Hope it helps.

 

Regards,

Jatin Katyal

*Do rate helpful posts*

~BR Jatin Katyal **Do rate helpful posts**
69
Views
0
Helpful
1
Replies
CreatePlease to create content