Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Wierd Problem with Cisco ISE AuthC policy

Hi all,

I have defined an AuthC policy which is very similar to two other policies which work fine.

The condition is ONLY based on the NAS IP and once that is matched, the only protocol allowed is PAP and that the Internal Users DB should be consulted for the user.

Only thing is that when the RADIUS authentication request comes in, it does not match the policy I have created and matches the defaul Deny Access rule.

Attached are screenshots of what I have configured. If there is anything else that you may need me to tell you to help me troubleshoot this then let me know.

I thought it may be an issue with using the Internal User store, so instead I changed it to "AD1" which then makes it exactly the same as the other rules that work fine, but this rule still will not match.

I think this is another bug.

Any advice greatly appreciated thanks!

Mario De Rosa

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Hello Mario-Looking at the

Hello Mario-

Looking at the logs, the session is not using PAP/ASCII but instead it is using "dot1x" What type of scenario are you doing here?

 

Thank you for rating helpful posts!

Thank you for rating helpful posts!
3 REPLIES
Cisco Employee

Hello Mario-Looking at the

Hello Mario-

Looking at the logs, the session is not using PAP/ASCII but instead it is using "dot1x" What type of scenario are you doing here?

 

Thank you for rating helpful posts!

Thank you for rating helpful posts!
New Member

Hi Neno, yes you are correct,

Hi Neno,

 

yes you are correct, it was because I did not allow 802.1x in the Authentication policy.

 

The scenario is that we have a 3g mobile network and we are setting up RADIUS authentication for the 3g routers as they log in to the 3g cloud.

 

Thanks

 

Mario

Cisco Employee

Cool. Glad your issue is

Cool. Glad your issue is solved!

Thank you for rating helpful posts!
110
Views
0
Helpful
3
Replies
CreatePlease login to create content