Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ISE to assign group policies on ASA

Does anyone know if this is possible to use ISE to hand out group policies on the ASA based on AD group, or username?

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Hi Stephen,If I am not wrong

Hi Stephen,

If I am not wrong you would like to push the group-policy name to configure group-lock feature. Yes, this can be done based on the AD (as a condition). Please look at the attached screen shot of how you can define the ASA group on ISE. The same group (case sensitive) should be predefined on the ASA to lock the user of the AD group to that specific group-policy only.

Once you're done with the authorization profile, create a authz rule under policy elements > authorization > create a condition with the AD group you want and select the autorization profile you created as a result in the previous step.

 

Regards,

Jatin Katyal

*Do rate helpful posts*

 

~BR Jatin Katyal **Do rate helpful posts**
2 REPLIES

ISE to assign group policies on ASA

Cisco Employee

Hi Stephen,If I am not wrong

Hi Stephen,

If I am not wrong you would like to push the group-policy name to configure group-lock feature. Yes, this can be done based on the AD (as a condition). Please look at the attached screen shot of how you can define the ASA group on ISE. The same group (case sensitive) should be predefined on the ASA to lock the user of the AD group to that specific group-policy only.

Once you're done with the authorization profile, create a authz rule under policy elements > authorization > create a condition with the AD group you want and select the autorization profile you created as a result in the previous step.

 

Regards,

Jatin Katyal

*Do rate helpful posts*

 

~BR Jatin Katyal **Do rate helpful posts**
596
Views
0
Helpful
2
Replies