Cisco ISE Part 7: Configuring wireless network devices
This is a Cisco ISE blog post series with some how-to’s for configuring the ISE deployment, This blog post series exists of 10 parts.
The blogpost Agenda:
Part 1: introduction
Part 2: installation
Part 3: Active Directory
Part 4: High Availability
Part 5: Configuring wired network devices
Part 6: Policy enforcement and MAB
Part 7: Configuring wireless network devices
Part 8: Inline posture and VPN
Part 9: Guest and web authentication
Part 10: Profiling and posture
This week, part 7: Configuring wireless network devices
First, add the WLC as a radius client.
Click: Administration – Network Resources – Network Devices. Click Add and create a network device object.
Click Select Existing condition from library, select condition, navigate to Compound condition and select wireless_802.1x.
Click Select Network Access, Allowed Protocols – Default network access. Make sure PEAP is available in this network access rule.
For the authorization profiles, click Policy – Policy Elements – Results
Make sure you select the correct Airespace ACL name.
Create an authorization policy that assigns the authorization profile. Click Policy – Authorization. Insert a new row.
Create a new rule, select the “wireless_802.1X” compound condition from the library. To check if the user is also a domain member, add another attribute. Click Select Attribute – <domain> – <usergroup>
Browse to the WLC webinterface.