ISE Authz rules with location based device

Similar Messages

• Does AirPrint work with all kinds of printers with modern usb capability? Does it also work with android based devices?

  Just as the question says

  Does AirPrint work with all kinds of printers with moden usb capability.
  AirPrint works if you have an AirPrint compatible printer.  See this Apple support document for details on compatible models.
  http://support.apple.com/kb/HT4356
  If the printer is not AirPrint compatible, it still might be possible to enable printing by installing an App like Print Central on the iPad, iPhone, or iPod.
  PrintCentral Pro for iPhone/iPod Touch - iTunes - Apple
  Does it also work with android based devices?
  I would be surprised if it did, but best to ask that question on an Android support forum.

• Problems with location based applications

  I am having problems with all of my location based applications i.e. none of them work. It seems I can never be located by the GPS no matter where i am and i just get a permanently spinning wheel. I have deleted and reloaded the Apps (although even with the generic Maps App i cannot be located) and i have reset the phone Reset iPhone (but havent Reset Settings or Restored yet). I love my iPhone but this is very frustrating. Can someone please help ?

  Didn't work unfortunately. My Location Services were On so i proceeded to Restore. All went ok on the Restore but i still have the same problem. I have 4 App's that are location based and none of them work. Your suggestion ? Thanks for your help.

• Has Apple acknowledged that there's an issue with location based reminders?

  After searching several posts, I haven't found where Apple is working on a solution for the location reminders issue.  There are several recommendations that people make...but most don't seem to work.  What say you Apple??
  Please reply with a link if I missed something during my search that answers my question. Thx

  It was a bug. In iOS 7.1 Apple fixed the location based Reminders. Users no longer need to have the Reminders app running in the background for location based reminders to fire off.

• ISE: create rules with AD groups for Users and Computers

  Hello,
  We've just begun to work with ISE.
  Is it the good place to post on ISE, or there is a dedicated forum in another place?
  We'd like to create some rule depending of Computer member groups AND Users member groups from AD, but we meet some difficulties.
  We've created AD groups for Computers and Users depending of their Department:
  Users_1
  Users_2
  Computers_1
  Computers_2
  When we create some basics rules regarding one group only:
  - with a group Computers_x to attribute a specific VLAN to a computer (when no Windows session is opened), it runs correctly.
  - with a group Users_x to attribute a specific VLAN to an user (when Windows session is opened), it runs correctly.
  But when we create a rule regarding a group from Computers and one from Users, to attribute a specific VLAN to an user on a specific computer, this rule is not applied.
  Is it possible to use ISE on this way?
  Thanks for help.
  Regards,
  Chris

  Enable EAP Chaining— if  you want Cisco ISE to allow authentication of both machine and user in the same  EAP-FAST authentication.
  http://www.cisco.com/en/US/solutions/collateral/ns340/ns414/ns742/ns744/docs/howto_80_eapchaining_deployment.pdf

• ISE Could not locate Network Device or AAA Client

  When authenticating using 802.1x and MAB, I recieve an authentication failure with the error 11007(Could not locate Network Device or AAA Client). The root cause that ISE spits back at me is "Could not find the network device or the AAA Client while accessing NAS by IP during authentication." I did pretty much everything by the book except instead of using a loopback interface I used a vlan with a defined ip address.  Could this be causing the problem?
  Here is the config of the port that I'm testing on:
  interface GigabitEthernet1/0/9
   switchport access vlan 9
   switchport mode access
   switchport voice vlan 8
   ip access-group ACL-ALLOW in
   srr-queue bandwidth share 1 30 35 5
   queue-set 2
   priority-queue out
   authentication event fail action next-method
   authentication event server dead action reinitialize vlan 4
   authentication event server dead action authorize voice
   authentication host-mode multi-auth
   authentication open
   authentication order dot1x mab
   authentication priority dot1x mab
   authentication port-control auto
   authentication violation restrict
   mab
   mls qos trust device cisco-phone
   mls qos trust cos
   dot1x pae authenticator
   dot1x timeout tx-period 10
   auto qos voip cisco-phone
   spanning-tree portfast
   service-policy input AUTOQOS-SRND4-CISCOPHONE-POLICY
  end

  I can ping both the vlan and the endpoint from the ISE.  As far as allowing ISE to speak snmp and RADIUS to the NAD, I have enabled it on the NAD config inside the ISE. I have also double checked the snmp and radius shared passwords.
  I have gotten MAB authentication to work but I am still getting the same error for dot1x authentication. Here are some of the configs on the switch.
  aaa new-model
  aaa authentication dot1x default group radius
  aaa authentication dot1x defualt group radius
  aaa authentication dot1x group group radius
  aaa authorization network default group radius
  aaa accounting dot1x default start-stop group radius
  aaa server radius dynamic-author
  aaa session-id common
  ip radius source-interface TenGigabitEthernet1/0/1
  radius-server attribute 6 on-for-login-auth
  radius-server attribute 6 support-multiple
  radius-server attribute 8 include-in-access-req
  radius-server attribute 25 access-request include
  radius-server dead-criteria time 5 tries 3
  radius-server host 10.10.10.47 auth-port 1812 acct-port 1813 test username test key 7 097940581F5412162B464D
  radius-server vsa send accounting
  radius-server vsa send authentication
  dot1x system-auth-control
   authentication order dot1x mab
   authentication priority dot1x mab
   dot1x pae authenticator
   dot1x timeout tx-period 10

• Will Location based reminders work on ios 6 for the IPad 3 I keep getting a message that siri can't do location based reminders on this device any help please

  Will Location based reminders work on ios 6 for the IPad 3 I keep getting a message that siri can't do location based reminders on this device any help please

  Have they called you back? I have opened a similar support case too today, they does not know what to do and they will speak with some engineer, but now that I have found this post...I think we just have to wait for a new minor release...anyway our devices (2 and the new if cellular) must be supported http://support.apple.com/kb/HT4970

• Use Time Capsule with Windows-based Computers and PowerLan Devices

  Hi All -
  I would like to inquire whether I can:
  1) use a Windows-based conputer to access the internal hard disk of Time Capsule; and
  2) connect the Time Capsule with prower lan devices (e.g. Aztech) to extend the wirless coverage.
  Thank you.
  Gary

  Yes.. but.. Long term storage of info is not really wise where you have no backup. TC is not able to back itself up and you will have issues finding anything but manually doing it from windows.
  What windows version?
  Have you installed the airport utility? That makes life much easier, as it adds bonjour for windows and a disk access agent.
  Simply installing the utility may be enough. If not open windows explorer and type the name or IP directly into the address bar.
  Note.. you should use all names on the TC that are short, no spaces and pure alphanumeric.
  \\TCname or \\TCIPaddress (where you obviously change to real name (no spaces of course) or IP)
  If you still have issues.. check that you can ping the TC.. and make sure firewalls are not blocking it and your PC is located HOME, not WORK or PUBLIC.

• Max authz rules in ISE 1.2 ?

  Hi All,
  Is there any doco on what the current limit is on Auth Z rules in ISE 1.2
  I have read 1.1.x had a limit of 140 authz rules.
  I am also considering using policy sets if that increases the total authZ rules.
  Cheers

  Peter,
  Here are the numbers for both 1.1.x and 1.2.  Hope this helps.
  * ISE 1.1.x
  # ISE 1.2
  Authentication Policy Rules
  * 50
  # 400
  Conditions Per AuthC Policy Rule
  * 3
  # 8
  Authorization Policy Rules
  *140
  # 600
  Authorization Identity Groups
  * 20
  # 1000
  Conditions per AuthZ Policy Rule
  *6
  # 8
  Authorization Profiles
  * 30
  # 600
  Please Rate Helpful posts and mark this question as answered if, in fact, this does answer your question.  Otherwise, feel free to post follow-up questions.
  Charles Moreton

• Devices and I are in one city but time zone and location based apps show devices location in another city

  iPad2 with IOS 8.1.2 located with me in Eastern Time Zone city but settings under General reflects Central Time Zone(Chicago).  All location based Apps are reflecting a Central Time Zone city, one that I have never visited.  I did an erase and restore of a backup prior to this issue but it was not resolved.  What do I do?         

  I am having a similar issue. I moved about 10-15 miles. Any app, such as Maps, a Weather, etc, that use location keep showing my current location as my old address. I'm interested in hearing the solution to your problem.

• How do you set location based reminders with location restrictions turned on?

  I can set location based reminders with location restrictions turned off, but I want them on. Otherwise if I lost or if somebody stole my iPhone they could just turn off the find my iPhone function. Yet if I have location services restricted to prevent this then location based reminders are unavailable. Any help would be appreciated

  I can set location based reminders with location restrictions turned off, but I want them on. Otherwise if I lost or if somebody stole my iPhone they could just turn off the find my iPhone function. Yet if I have location services restricted to prevent this then location based reminders are unavailable. Any help would be appreciated

• Location based reminders option not available on iPhone 6plus with iOS 8.1

  Location based reminders option  (within Reminders app) is not available. I can open the app and create a reminder based off time, but there is no option present to specify location. I have location services enabled. The Reminders app is not listed in my apps eligible to use Location services, but it's never asked... because it's not an option in the app to select.
  iPhone 6plus with iOS 8.1

  Try using Siri to set the reminder, something like "remind me to call mom when I leave home". It should either know or ask what "home" is and that may initiate the location services. I did confirm that location services are available on the latest OS for the iPhone plus (just checked mine).

• Location based services with ELM AP?

  Hello Experts,
  Maybe you have some experience with this stuff? Is it possible to use location based services with Enhanced Local Mode APs?

  As long as the AP is serving clients it can, once you remove that and set it like in Monitor Mode and use it for a sniffer or spectrum it can't. So as long as your site survey has triangulation and meets the requirement for location base, you should be fine.
  Sent from Cisco Technical Support iPhone App

• How can I stop my IOS 7 device from sharing my location with IOS 8 devices?

  How can I stop my IOS 7 device from sharing my location with IOS 8 devices? My friend who upgraded their device to IOS 8 said that I'm automatically sharing my location via iMessage details.  I don't want to upgrade to IOS 8 yet because I don't have space.  Is there a way to disable sharing my location with IOS 8 devices by default?  I don't want to turn all location services off because I frequently use Google Maps.

  Actually that's not true. I have a device (iPhone) running ios 7. My friend has an iphone running ios 8. When she clicked into her imessage thread with me, clicks on details in the top right corner it will show her my GPS location. It's doing this automatically because I do not have ios 8 on my phone therefore I don't have the ability to "stop sharing my location". Apple is automatically sharing the location.  If you are using an ios 8, apple automatically pulls in location data for anyone you are messaging not using ios 8. I haven't found a way around this unless you turn off all location services on your phone which is immensely disturbing.

• Promemoria geolocalizzati non funzionano con iOs 7 location-based reminders do not work with iOs7

  promemoria geolocalizzati non funzionano con iOs 7
  location-based reminders do not work with iOs7

  Hi konekotron,
  See this manual about using the Apple Wireless Keyboard with your iPad -
  iPad User Guide
  http://manuals.info.apple.com/MANUALS/1000/MA1595/en_US/ipad_user_guide.pdf
  See page 25 and the section on using International Keyboards on page 125.
  A similar guide for the iPhone -
  iPhone User Guide
  manuals.info.apple.com/MANUALS/1000/MA1565/en_US/iphone_user_guide.pdf
  See page 28.
  Thanks for using Apple Support Communities.
  Best,
  Brett L