11-20-2017 06:56 AM
Hello,
I have a partner asking the following about ISE authentication.
1) Is ISE capable of authenticating through the following methods
- MAC authentication of device
- 802.1x user authentication through external AD server
- Additional authentication with one-time-password
2) If yes, do these 3 methods happen one after the other?
Thank you.
Solved! Go to Solution.
11-20-2017 07:29 AM
Yes this is the capability of the network access device for example on the switch You would set up flexible authentication to perform 802.1X 1 and then fall back to Mac auth bypass
On the wireless side it depends on the wireless LAN you can either do Mac auth bypass on one WLAN or 802.1X on another but it doesn’t support both
Not sure if the OTP, you either do one or the other I believe and not both, perhaps someone here knows more if it’s possible
11-20-2017 07:29 AM
Yes this is the capability of the network access device for example on the switch You would set up flexible authentication to perform 802.1X 1 and then fall back to Mac auth bypass
On the wireless side it depends on the wireless LAN you can either do Mac auth bypass on one WLAN or 802.1X on another but it doesn’t support both
Not sure if the OTP, you either do one or the other I believe and not both, perhaps someone here knows more if it’s possible
11-21-2017 03:50 AM
Typically authentication is serial and the NAD will only authenticate using one method. There are exceptions like ASA VPN where two separate auths can be sent for same connection, or different methods to "chain" authentications such as EAP Chaining, CWA Chaining, or Easy Connect Chaining.
OTP is often associated with Two-Factor Authentication (or Multi-Factory Auth) where 2 or more methods are combined into one event. For example, I enter a PIN or biometric to unlock a one-time passcode. The passcode is validated by ISE to token server, but the user had to perform multiple verifications to issue the OTP.
Craig
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide