04-29-2019 11:59 AM - edited 04-29-2019 12:02 PM
Hi
Does anyone know when the new Room kit devices will become a standard in the ISE profiler and if so when will it be released in the feeds update?
Thanks
04-01-2022 06:18 AM
Almost three years later and Cisco still hasn't corrected this? How does Cisco not have profiles for their own hardware?
08-18-2023 10:00 AM - edited 08-18-2023 04:17 PM
For anyone else running into this issue, your best bet is creating it yourself.
Under Policy>Profiling, create a new endpoint policy.
Name it Cisco-RoomKit or something similar.
Set a minimum certainty factor (I used 100)
Exception action: none
NMAP action: none
Select radio button for 'Yes, create matching identity group'
Parent Policy: Cisco-Device
Rules:
Create a new rule and create a new condition. For the expression, select CDP>cdpCachePlatform. Then select CONTAINS from the drop down in the next field. And type Room Kit into the last field. Change the number that the certainty factor increases to match the minimum certainty factor configured above.
Save the policy and it should start profiling room kits. Then use the created matching identity group in your policy sets to permit the devices.
Sidenote: It should be a part of standard config, but you need to have device-sensor settings configured on the switch the room kit is connected to, for ISE to receive the CDP data.
Example:
device-sensor filter-list cdp list TLV-CDP
tlv name device-name
tlv name address-type
tlv name capabilities-type
tlv name version-type
tlv name platform-type
device-sensor filter-spec cdp include list TLV-CDP
!
device-sensor accounting
device-sensor notify all-changes
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide