Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ISE to dynamiclly push Private Vlans on Access switch deployments

                   Hi all,

is there a way to push PVLAN configuration via ISE to Access switches.

Currently I'm thinking about an authoration profile with an attribute setting PVLAN.

Has anyone an idea how to push Private VLan configs dynamiclly to Access Ports on Switches.

Thanks for your comments

3 REPLIES

ISE to dynamiclly push Private Vlans on Access switch deployment

You cannot assign private Vlans to switch via ISE

Re: ISE to dynamiclly push Private Vlans on Access switch deploy

Try looking into using switch macros, you should be able to create a custom macro that changes the config of the port in question to make it part of a pvlan community/isolated port or whatever you need and then trigger this macro from ISE with your authorization result. It's used for the feature cisco call NEAT, try searching for that and you should find some examples.

ISE to dynamiclly push Private Vlans on Access switch deployment

Hello Dieter,

I have found only this docs related to your post:

Cisco Systems' Private VLANs: Scalable Security in a Multi-Client Environment
RFC 5517

https://datatracker.ietf.org/doc/rfc5517/?include_text=1

409
Views
0
Helpful
3
Replies
CreatePlease login to create content