Menu

Poland

GRANDMETRIC Sp. z o.o.
ul. Metalowa 5, 60-118 Poznań, Poland
NIP 7792433527
+48 61 271 04 43
info@grandmetric.com

Sweden

Drottninggatan 86
111 36 Stockholm
+46 762 041 514
info@grandmetric.com

UK

Grandmetric LTD
Office 584b
182-184 High Street North
London
E6 2JA
+44 20 3321 5276
info@grandmetric.com

US Region

Grandmetric LLC
Lewes DE 19958
16192 Coastal Hwy USA
EIN: 98-1615498
+1 302 691 94 10
info@grandmetric.com

  • en
  • pl
  • se
  • How to add Network Access Device to ISE 3.0

    Design & Configure

    Cisco ISE 3.0: Adding NAD to ISE 

    Technology: Network Security
    Area: Access and Identity Management
    Vendor: Cisco
    Software: ISE 3.0
    Platform: ISE Virtual Appliance, ISE Physical Appliance 

    When a RADIUS client (switch, firewall, AP controller, etc.) is prompted to communicate with a RADIUS server it must be defined as Network Access Device (NAD) on the RADIUS server (ISE in this case). Otherwise, all authentication attempts will result in a failure. Before NAD is added to ISE 3.0, it is still possible to define the structure of NAD for better organization. Groups, NAD Locations, and Types can be specified. These attributes can be used while building Authentication (AuthC) and Authorization (AuthZ) rules.  

    Follow the steps below to define new network device groups and add a new network device to ISE. 

    Step 1 – Navigate to the Network Device Groups menu

    Network Device Groups Cisco ISE

    Step 2 – Add a Device Type Group

    In our case, we name the group “Test”

    Device Type Group Name

     

    Step 3 – Add a Device Location Group

    We’ll call our location “Lab”

    Device Location Group modal

    Step 4 – Navigate to Network Devices Menu

    Network Access Device Cisco

     

    Step 5 – Add a new Device

    Don’t forget to include it in previously configured groups.

    ISE 3.0 configuration

    Device profile cisco ise

    Radius authentication settings

    Radius DTLS Settings

    Radius General Settings

    After saving the changes, the device should be accessible via RADIUS, implying that the RADIUS server is specified on the device itself.

     

    In our previous mini-tutorial, you can also check how to add NAD to ISE 2.1

     

    Author: Jaroslaw Banakh
     
    Grandmetric