Meraki

Community

Push SGTs from ISE to & fro from Meraki dashboard

FlyingFrames
Building a reputation
‎May 16 2025 3:38 PM
‎May 16 2025 3:38 PM

Push SGTs from ISE to & fro from Meraki dashboard

We do not want to configure SGTs in two places i.e. Meraki dashboard & ISE. Is there a sync feature available?

Also if a client with an SGT does an anomalous behavior e.g. passing traffic to a geographical region not expected, how do we contain it using SGTs?

Labels:
0 Kudos
2 Replies 2
MartinLL
Building a reputation
‎May 16 2025 10:47 PM
‎May 16 2025 10:47 PM

Yes.

https://community.cisco.com/t5/security-knowledge-base/ise-and-meraki-integration-for-the-sgt-policy...

 

You would need to use ANC on ISE and an external system that signals to ISE when a endpoint is not behaving correctly, then do an action based on that. 

MLL
rhbirkelund
Kind of a big deal
Kind of a big deal
‎May 18 2025 1:49 AM
‎May 18 2025 1:49 AM

Also, for SGTs/ Adaptive Policies, to be applied down the network, you need to have Adaptive Policy capable switches and access point throughout the network. 

 

That means C9k/MS390 or MS130/MS150 switches and AC Wave 2 or Wi-Fi 6/6E Access Points. 

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
© 2025 Cisco Systems, Inc.