Step
1 |
Check that the Cisco
Wireless LAN Controller (WLC) configuration or the switch OS
platform and/or version is supported by the TrustSec version you
are implementing.
|
Step
2 |
For the NAD to be
able to authorize, it needs to have following entry in the
configuration:
- aaa authorization network
radius
|
Step
3 |
For the dynamic VLAN
(dVLAN), run the following from exec mode to check that the WLC or
the switch VLAN database includes the VLAN that the ISE is trying
to assign:
|
Step
4 |
For dACL, validate
that the ISE ACL syntax is correct by going to Policy > Policy
Elements > Results > Authorization > Downloadable
ACLs.
|
Step
5 |
For Catalyst
switches, you can verify the configuration using the ISE Evaluate
Configuration Validator tool. Go to Operations > Troubleshooting
> Diagnostic Tools > General Tools.
|