Meraki

Community

Meraki MS switches and ISE posture

Solved
charles07
Getting noticed
‎Nov 23 2023 9:32 PM
‎Nov 23 2023 9:32 PM

Meraki MS switches and ISE posture

Has anyone done Cisco ISE Posture for endpoint devices like laptop, desktop etc with Meraki MS switches in the network. Posture conditions are Domain joined, AV etc.

 

Should 802.1x be configured on switches for this? It's ok if nay system is connected to nay port in the switch. Once posture conditions are met they should be permitted to the network.

Labels:
0 Kudos
1 Accepted Solution
charles07
Getting noticed
‎Dec 27 2023 1:41 AM
‎Dec 27 2023 1:41 AM

i did the setup successfully referring different docs. In below link i have outlined the steps followed.

https://community.meraki.com/t5/Switching/Meraki-MS-Wired-Posture-with-Cisco-ISE/td-p/220229

View solution in original post

0 Kudos
7 Replies 7
alemabrahao
Kind of a big deal
Kind of a big deal
‎Nov 24 2023 3:28 AM
‎Nov 24 2023 3:28 AM

It's fully supported

Please see our compatibility matrix

 

https://communities.cisco.com/docs/DOC-68192?mobileredirect=true

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
In response to alemabrahao
charles07
Getting noticed
‎Nov 24 2023 5:18 AM
‎Nov 24 2023 5:18 AM

Thank you,

should 802.1x configured on switches for the basic ISE posture to work.
are there any configuration document for Meraki switch config for ISE posture.

0 Kudos
In response to charles07
alemabrahao
Kind of a big deal
Kind of a big deal
‎Nov 24 2023 5:31 AM
‎Nov 24 2023 5:31 AM

In this same document there is a guide.

 

https://community.cisco.com/t5/security-knowledge-base/how-to-integrate-meraki-networks-with-ise/ta-...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
GIdenJoe
Kind of a big deal
Kind of a big deal
‎Nov 24 2023 9:03 AM
‎Nov 24 2023 9:03 AM

Since the posture check is on the endpoint itself ISE will decide what to send to the switch for network access.  There is no other input needed than what the endpoint agent provides.  So the switch will not need to use any special features for it to work.

In response to GIdenJoe
charles07
Getting noticed
‎Nov 24 2023 8:55 PM
‎Nov 24 2023 8:55 PM

Thank you @GIdenJoe when a user first time connects to local network, how can they redirected to the ISE portal to download and install ISE agent. Whenever a new user connects he/she needs to be redirected to download and install ISE posture agent, once posture is successful they'll be permitted to the network.
Thanks in advance.

0 Kudos
In response to charles07
charles07
Getting noticed
‎Dec 16 2023 3:38 AM
‎Dec 16 2023 3:38 AM

Any solution on this???

 

0 Kudos
charles07
Getting noticed
‎Dec 27 2023 1:41 AM
‎Dec 27 2023 1:41 AM

i did the setup successfully referring different docs. In below link i have outlined the steps followed.

https://community.meraki.com/t5/Switching/Meraki-MS-Wired-Posture-with-Cisco-ISE/td-p/220229

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.