Configure Cisco Identity Services Engine (ISE): RADIUS Authentication
Note: The instructions given in the topic are based on ISE v3.3.x.
|
2.
|
Go to Administration>Network Devices. |
|
3.
|
Click Add. The New Network Device page appears. |
|
a.
|
Enter the device name in the Name field. |
|
b.
|
Enter the IP address and net mask value of the GigaVUE FM device in the IP Address field. |
|
c.
|
Select the RADIUS Authentication Settings checkbox. |
|
d.
|
Configure a key for the RADIUS authentication in the Shared Secret field. |
|
5.
|
Go to Administration>Identity Management>Identities. |
|
a.
|
Create users for RADIUS authentication. |
|
6.
|
Go to Administration>Identity Management>Groups>User Identity Groups. |
|
a.
|
Create user groups and assign the users to specific user groups. |
Note: Refer Add Users and Create User Groups topics in CISCO ISE documentation for more information.
|
7.
|
Go to Policy>Policy Elements>Results. |
|
8.
|
In the Results page, go to Authorization>Authorization Profiles. |
|
a.
|
Click Add to create an authorization profile that will be mapped to the user groups. |
|
b.
|
Enter the name for the authorization profile in the Name field. |
|
c.
|
In the Common Tasks section, select the ASA VPN option and enter the user group that needs to be mapped to the user group in GigaVUE‑FM |
|
9.
|
Go to Policy>Policy Sets. The New Policy Set page appears. |
|
10.
|
. Do the following steps to create a new policy. |
|
a.
|
In the Authentication Policy section, create an authentication rule and map it to the users who can be authenticated to access GigaVUE‑FM through RADIUS authentication. |
|
b.
|
In the Authorization Policy section, create an authorization rule that maps the user groups with the created RADIUS authorization profile. |
