2-34
Cisco NAC Appliance - Clean Access Manager Configuration Guide
OL-28003-01
Chapter 2 Device Management: Adding Clean Access Servers, Adding Filters
Integrating Cisco ISE Profiler
Step 2 In the New Rule form, enter the following:
• Rule Name – Enter a name for the new Rule.
• Rule Description – Enter a description.
• Matching Profile – Enter Endpoint Profile names in the text box as follows:
–
Specify an exact Profile name. You can click Display Profiles and select a Profile from the
popup list. The existing endpoint Profile names in Cisco ISE Profiler are displayed in this list
as shown in Figure 2-17.
–
Use a wildcard "*" to specify multiple Profile names.
–
Separate multiple Profile names with a return.
Figure 2-17 Display Profiles
Step 3
Choose the policy for the Profile from the Access Type choices:
• ALLOW
IB - bypass login, bypass posture assessment, allow access
OOB (Switch) - bypass login, bypass posture assessment, assign Default Access VLAN
OOB (WLC) - bypass login, bypass posture assessment, assign WLC Access VLAN
• DENY
IB - bypass login, bypass posture assessment, deny access
OOB (Switch) - bypass login, bypass posture assessment, assign Auth VLAN
OOB (WLC) - bypass login, bypass posture assessment, assign WLC Quarantine VLAN
• ROLE
IB - bypass login, bypass L2 posture assessment/apply L3 posture assessment, assign role
OOB (Switch) - bypass login, bypass L2/L3 posture assessment, assign User Role VLAN
OOB (WLC) - bypass login, bypass L2/L3 posture assessment, assign WLC Access VLAN. See
Chapter 6, “User Management: Configuring User Roles and Local Users” for details.
Kommentare zu diesen Handbüchern