collapse

Search


User Info

 
 
Welcome, Guest. Please login or register.
Did you miss your activation email?

Author Topic: Wildcard on Compound Condition in ISE  (Read 6271 times)

Offline bhatsy

  • Cisco Newbie
  • *
  • Posts: 14
  • Reputation: 0
  • Certification: CCNP
Wildcard on Compound Condition in ISE
« on: July 19, 2014, 10:49:42 AM »
I want to use the SSID as a condition in Authorization profile. The SSID I have is test123. The only place where the SSID gets sent out in RADIUS is Called Station Id. But that includes the AP Radio MAC:SSID. Is there a way I can wild card the AP Radio Mac:  in the condition? Can i use REGEX ?

Offline spark_rod

  • Cisco Newbie
  • *
  • Posts: 9
  • Reputation: 1
  • Certification: CCNP
Re: Wildcard on Compound Condition in ISE
« Reply #1 on: July 19, 2014, 01:19:49 PM »
Hi, for what I understand. You want to create a policy that associate to the specific SSID? there's an attribute called wlan-id. for example, the test123 ssid assigned in wlan id 1 in your controller.. just add the attribute in your condition..airespace:Airespace-Wlan-Id equals to 1.

Offline bhatsy

  • Cisco Newbie
  • *
  • Posts: 14
  • Reputation: 0
  • Certification: CCNP
Re: Wildcard on Compound Condition in ISE
« Reply #2 on: July 19, 2014, 05:34:48 PM »
My wlan controller is not cisco. It does not support airespace attributes in radius. I configured regex expression .*(test123) $ to match the SSID in called station id but it is not matching.  It seems like a bug in the ise code.  Does any one know other ways to implement policies based on ssids in ise ?

Offline MC

  • Global Moderator
  • Cisco Guru
  • *****
  • Posts: 398
  • Reputation: 606
  • CCIE x3 (RS,Sec,SP)
  • Certification: CCIE
Re: Wildcard on Compound Condition in ISE
« Reply #3 on: July 20, 2014, 11:46:16 AM »
They way I got it to work is to use "Contain" instead of "Match" so you don't have to bother with regex. So just {Called-Station-Id (Contain) test123}. I believe Contain became available in version 1.2. If you have 1.1, you are stuck with Match but that should still work  with .*(test123).*.

Offline bhatsy

  • Cisco Newbie
  • *
  • Posts: 14
  • Reputation: 0
  • Certification: CCNP
Re: Wildcard on Compound Condition in ISE
« Reply #4 on: July 21, 2014, 10:50:21 AM »
Thanks a lot. I cant believe i missed it in the drop down menu. That worked.

 

SimplePortal 2.3.7 © 2008-2024, SimplePortal