Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

ise with proxy

Hi all,

Does anyone implements Cisco ISE with the proxy like Bluecoat ?

After the users authentication and authorization are accepted, mean that they are ready to WWW. but they still need to authenticate with Bluecoat again to access the internet.

Any ideas for this style ?

Thanks,

Pongsatorn

Everyone's tags (3)
7 REPLIES
New Member

Re: ise with proxy

It is going to depend on the supplicant you use and the device type. What kind of device are you trying to use and what is the supplicant? There are some issues with mobile devices and proxies specifically with bypass lists.

Sent from Cisco Technical Support iPad App

ise with proxy

HI,

Does the blue coat support anything such as transparent proxy? Ironport does this in a way that when it is integrated with Active Directory it can find the user to ip mapping and set the condition on the fly without redirecting users for authentication.

https://kb.bluecoat.com/index?page=content&id=KB4799

Thanks,

Tarik Admani
*Please rate helpful posts*

Tarik Admani *Please rate helpful posts*

ise with proxy

Tarik,

You mean that if the bluecoat supports the transparent proxy and it able to integrate with LDAP or Active Directory. It will work for this scenario, right ?

Does Bluecoat and Cisco ISE need to join on the same Active Directory to perform this scenario ?

Thanks for your guy response.

Pongsatorn M.

ise with proxy

Did you mean PAC file for proxy ?

Pongsatorn M.

New Member

ise with proxy

PAC file is needed for iOS devices as there isn't an option for a bypass list. But on the Android devices you can't point to the PAC file but you can put in a bypass list.

New Member

Hi, did you ever get this to

Hi, did you ever get this to work?

We use BC in tranparent mode, so all AD traffic will authenticate no problem.  We are looking to authetnciate users created by ISE guest, I nkow can be done with Ironport, just wondered if you got round this?

cheers

New Member

Hi Craig,

Hi Craig,

i wonder how you control the users thru BC who authenticated by ISE, in our scenario the wireless users authenticated against ISE and we set "do not authenticate option" in BC for the same users but in this case we unable to apply BC policies/Rules, if we enable authentication in BC then users need to provide credential two times, isn't it?

regards,

- Moin -

 

1534
Views
0
Helpful
7
Replies