topic ISE2.4 consuming plus license for no feature enabled and attributes in authz policy in Network Access Control https://community.cisco.com/t5/network-access-control/ise2-4-consuming-plus-license-for-no-feature-enabled-and/m-p/3421885#M516855 <HTML><HEAD></HEAD><BODY><P>Hi Team,</P><P></P><P></P><P>Customer running ISE2.4 with traditional base and plus license. Polices are configured for MAB&nbsp; and dot1x. Profiling also enabled and devices are getting profiled. It's an upgrade from 2.2.</P><P></P><P>Policies have EAP-TLS, PEAP , AD groups and Endpoint identity group (Static not dynamic) related conditions.</P><P></P><P>Clients are getting profiled but there are no plus license related attributes in the authz policy.</P><P>Checked report for active sessions and found that <STRONG>base and plus license</STRONG> consumed for dot1x authenticated machines with license details "<STRONG>Plus license consumption because of Group type PROF</STRONG> ".</P><P></P><P>Need to understand if the client getting profiled and authenticated. Is it suppose to use both license or only base.</P><P>Customer claimed this to be base only if there are no attributes for plus in the policy.</P><P></P><P>Prior to upgrade there was no plus consumption.</P><P></P><P>Any assistance would be appreciated.</P><P></P><P>Regards</P><P>Gagan</P></BODY></HTML> Mon, 04 Jun 2018 23:56:27 GMT Gagandeep Singh 2018-06-04T23:56:27Z ISE2.4 consuming plus license for no feature enabled and attributes in authz policy https://community.cisco.com/t5/network-access-control/ise2-4-consuming-plus-license-for-no-feature-enabled-and/m-p/3421885#M516855 <HTML><HEAD></HEAD><BODY><P>Hi Team,</P><P></P><P></P><P>Customer running ISE2.4 with traditional base and plus license. Polices are configured for MAB&nbsp; and dot1x. Profiling also enabled and devices are getting profiled. It's an upgrade from 2.2.</P><P></P><P>Policies have EAP-TLS, PEAP , AD groups and Endpoint identity group (Static not dynamic) related conditions.</P><P></P><P>Clients are getting profiled but there are no plus license related attributes in the authz policy.</P><P>Checked report for active sessions and found that <STRONG>base and plus license</STRONG> consumed for dot1x authenticated machines with license details "<STRONG>Plus license consumption because of Group type PROF</STRONG> ".</P><P></P><P>Need to understand if the client getting profiled and authenticated. Is it suppose to use both license or only base.</P><P>Customer claimed this to be base only if there are no attributes for plus in the policy.</P><P></P><P>Prior to upgrade there was no plus consumption.</P><P></P><P>Any assistance would be appreciated.</P><P></P><P>Regards</P><P>Gagan</P></BODY></HTML> Mon, 04 Jun 2018 23:56:27 GMT https://community.cisco.com/t5/network-access-control/ise2-4-consuming-plus-license-for-no-feature-enabled-and/m-p/3421885#M516855 Gagandeep Singh 2018-06-04T23:56:27Z Re: ISE2.4 consuming plus license for no feature enabled and attributes in authz policy https://community.cisco.com/t5/network-access-control/ise2-4-consuming-plus-license-for-no-feature-enabled-and/m-p/3421886#M516856 <HTML><HEAD></HEAD><BODY><P>For what it's worth, I think you're hitting this</P><P><A href="https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvj50218" title="https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvj50218">https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvj50218</A></P></BODY></HTML> Tue, 05 Jun 2018 00:06:29 GMT https://community.cisco.com/t5/network-access-control/ise2-4-consuming-plus-license-for-no-feature-enabled-and/m-p/3421886#M516856 Damien Miller 2018-06-05T00:06:29Z