Use RADIUS for Device Administration with Cisco ISE server

  1. With Internal users identity, you have to create an account on the Cisco ISE local users database:
  1. With the next step, you have to add your device as a Radius client on the Cisco ISE server:

  1. Create a new entry for the Digi device in the Vendors list:

  1. Assign Vendor ID,attribute  and name next:


  1.  Create a Network Device Profile and assign an appropriate Radius Dictionary for the Digi device.

  1. Create an Authorization profile and assign a value of “admin” to the Radius attribute Unix-FTP-Group-Names:

  1. Create an Authentication and Authorization Policy for this local user account:

  1. Add Radius server IP address and password on the Digi device:

The configuration for Radius authentication is now complete.
Below are extra configurations steps to use Windows LDAP Active Directory (AD) server as an external identity source
1. Add connection to the Windows Active Directory (AD) server :

2. Add groups that you wish to use for authorization:

3. Create a Policy Set for LDAP AD authentication:


4. Create an Authentication Policy and set up AD as an external source for authentication:

5. Create an Authorization Policy to point to the right AD security group for authorization: