Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to block a endpoint PC in Cisco ISE system?

Hi All,

Our company deployed Cisco ISE system to control PC clients access LAN.

I have a question:

I'd know a MAC address and I want to deny this MAC address to access our company LAN?

What step should I do it?

Thanks a lot !!

 

BR Frank

Everyone's tags (1)
2 REPLIES

From ISE identity management,

From ISE identity management, open Endpoints. IF endpoint is there ( search Endpoint using MAC ), select the endpoint and edit. Opt static group assignment and assign the endpoint as Blacklisted. Now from Authorization policy, make one policy like , if condition < blacklisted >  then permissions < deny >
 

New Member

Hi Salodh,As before, I just

Hi Salodh,

As before, I just find MAC address and assign it as "BLACKLIST" group, but I didn't define "BLACKLIST" policy, I think this is the reason for my failure.

Thanks a lot.

/Frank

 

 

 

520
Views
0
Helpful
2
Replies
CreatePlease to create content