Integrate Cisco Identity Services Engine

This technical integration guide describes how to integrate a Cisco ISE Series Adaptive Security Appliance and Identity as a Service. The Cisco ISE allows your remote access Gateway (IPsec or SSL) to communicate with Identity as a Service. The Cisco ISE allows your remote access Gateway (IPsec or SSL) to communicate with Identity as a Service. You can integrate Identity as a Service with a RADIUS server. In this environment, the Identity as a Service RADIUS agent intercepts messages between the VPN server and the RADIUS agent.

Before you begin, review the following:

Supported authentication methods

Prerequisites

Integrate Cisco ISE

Complete the following steps to integrate Cisco ISE with IDaaS.

Step 1: Configure Cisco ISE as an AAA client

Step 2: Configure a clientless Web SSL connection profile

Step 3: Configure a Cisco AnyConnect VPN connection profile

Step 4: Configure Cisco Identity Service Engine

Step 5: Configure Cisco ISE external identity resources

Step 6: Configure Cisco ISE external authentication policy

Step 7: Add Cisco ISE to Identity as a Service

Step 8: Protect Cisco ISE with a resource rule

Step 9: Test the integration using one of these methods: