Cisco Cisco ASA for Nexus 1000V Series Switch Technical Manual
Experience with Identity Services Engine (ISE) configuration
•
Components Used
The information in this document is based on these software and hardware versions:
Microsoft Windows 7
•
Cisco ASA software, Version 9.3.2 and later
•
Cisco ISE, Release 1.2 and later
•
Background Information
AnyConnect Secure Mobility Client Considerations
The native Windows IKEv2 client does not support split tunnel (there are no CONF REPLY attributes which
could be accepted by the Windows 7 client), so the only possible policy with the Microsoft client is to tunnel
all traffic (0/0 traffic selectors). If there is a need for a specific split tunnel policy, AnyConnect should be
used.
could be accepted by the Windows 7 client), so the only possible policy with the Microsoft client is to tunnel
all traffic (0/0 traffic selectors). If there is a need for a specific split tunnel policy, AnyConnect should be
used.
AnyConnect does not support standardized EAP methods which are terminated on the AAA server (PEAP,
Transport Layer Security). If there is a need to terminate EAP sessions on the AAA server then the Microsoft
client can be used.
Transport Layer Security). If there is a need to terminate EAP sessions on the AAA server then the Microsoft
client can be used.
Configure
Note: Use the Command Lookup Tool (registered customers only) in order to obtain more information on the
commands used in this section.
commands used in this section.
Network Diagram