! To configure Network Device Group and Network Device on ISE :
Connect to https://192.168.1.117 and login with admin credentials.
! Creat Network Device Group
Go to Administration Tab -> Network Device Groups -> Click to All Locations -> Click Add and create Group
! Creat Network Device
Go to Administration Tab -> Network Device -> Click Add and create Network Device. You have to select our New Network Device Group as Location.
! On "Authentication Settings" section you have to configure your radius Secret, in our Lab is : Nugget!23
*Note: We need to have at last one user to make tests.
! Create enduser in ISE
Go to Administration Tab -> Identities -> Click to Users section -> Click Add and create new User
! Configure AAA, Radius Server IP and Radius group on Switch
SWITCH(config)# enable secret Cisco!23
! Configure AAA function on Switch
SWITCH(config)# aaa new-model
SWITCH(config)# aaa authentication login default enable
! Configure Radius server
SWITCH(config)# radius server ISE
SWITCH(config-radius-server)# address ipv4 192.168.1.117 auth-port 1812 acct-port 1813
SWITCH(config-radius-server)# key Nugget!23
SWITCH(config-radius-server)# exit
! Configure AAA Radius group
SWITCH(config)# aaa group server radius ISE-group
SWITCH(config-sg-radius)# server name ISE
! Enable Vendor Specific Attributes
SWITCH(config)# radius-server vsa send authentication
SWITCH(config)# radius-server vsa send accounting
! Enable IP tracking
SWITCH(config)# ip device tracking
! Test basic connectivity and Radius
SWITCH(config)# do ping 192.168.1.117
!!!!!
Success rate is 100 percent (5/5)
SWITCH(config)# do test aaa group ISE-group bob Nugget!23 new-code
User successfully authenticated
