04-29-2019 11:59 AM - edited 04-29-2019 12:02 PM
Hi
Does anyone know when the new Room kit devices will become a standard in the ISE profiler and if so when will it be released in the feeds update?
Thanks
04-01-2022 06:18 AM
Almost three years later and Cisco still hasn't corrected this? How does Cisco not have profiles for their own hardware?
08-18-2023 10:00 AM - edited 08-18-2023 04:17 PM
For anyone else running into this issue, your best bet is creating it yourself.
Under Policy>Profiling, create a new endpoint policy.
Name it Cisco-RoomKit or something similar.
Set a minimum certainty factor (I used 100)
Exception action: none
NMAP action: none
Select radio button for 'Yes, create matching identity group'
Parent Policy: Cisco-Device
Rules:
Create a new rule and create a new condition. For the expression, select CDP>cdpCachePlatform. Then select CONTAINS from the drop down in the next field. And type Room Kit into the last field. Change the number that the certainty factor increases to match the minimum certainty factor configured above.
Save the policy and it should start profiling room kits. Then use the created matching identity group in your policy sets to permit the devices.
Sidenote: It should be a part of standard config, but you need to have device-sensor settings configured on the switch the room kit is connected to, for ISE to receive the CDP data.
Example:
device-sensor filter-list cdp list TLV-CDP
tlv name device-name
tlv name address-type
tlv name capabilities-type
tlv name version-type
tlv name platform-type
device-sensor filter-spec cdp include list TLV-CDP
!
device-sensor accounting
device-sensor notify all-changes
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: