This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
I'd like to create periodic updates from my 2960x 15.2(2)E7 device to my Cisco ISE server. I am wondering if the global level command needs to work in conjunction with some interface level commands and if so what. My desired end goal is to be able to send periodic accounting packets to the Server without interface level configuration needing to be applied.
aaa accounting update periodic 5
switchport mode access
switchport access vlan X
Will the device ever send an interim packet to the server if all other configuration regarding that process is configured correctly. I have a need to put images on brand new computers over the network without authenticating the MACs of those devices first. I have to strip dot1x off of these "imaging ports" to make this possible but I'd still like the server to get some information about these devices so that said information is available when/if I decide to tell the server that the device in question may access the network through a dot1x enabled port.
Bonus: This ability would give my server the ability to see information about devices connected to non dot1x ports on my network that I might not know about and thus would help me to secure the network by addressing those ports on a case by case basis.
Am I dreaming or is this possible?
Solved! Go to Solution.
hi @Damien Miller ,
Is there any document about this matter which states that ISE accounting behavior stores in in 5 days. I think 5 days is so long, can we change it like a day? Thanks