cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

315
Views
0
Helpful
0
Replies
Highlighted
Beginner

API for CoA - disconnect with port bounce

Hello,

 

I am trying to use the monitoring API for CoA as detailed in - https://www.cisco.com/c/en/us/td/docs/security/ise/2-4/api_ref_guide/api_ref_book/ise_api_ref_ch4.html

 

I have successfully retrieved the endpoint details based on the MAC address and now I want to initiate a port-bounce disconnect but ISE is not allowing me to do so and returns 'false' in the results field.

 

The documentation mentions the following fields but doesn't really explain them, could someone please assist if they've managed to get this working:

 

<Disconnect> = This isn't a variable I think? It's just "Disconnect"?

<serverhostname> = Is this the PSN that authenticated the last session or the monitoring node?
<macaddress> = MAC address of the endpoint I want to disconnect

<portoptiontype> = 0, 1 or 2 as per the documentation so 1 for port-bounce

<nasipaddress> = IP of the switch/AP the device is connected to

<destinationipaddress> = IP address of the client? Sometimes this isn't available.

 

Here's an example call with details changed:

 

https://mymntnode.fqdn/admin/API/mnt/CoA/Disconnect/mypsnnode/00:CC:0C:01:05:04/1/10.5.5.1/10.5.28.176

 

The details are correct as per the 'admin/API/mnt/Session/MACAddress/00:CC:0C:01:05:04' call but I always receive:

 

<remoteCoA requestType="disconnect">
<results>false</results>
</remoteCoA>
 
Any ideas appreciated. This is on ISE 2.2 patch 9.
 
Thanks,

Dave
Everyone's tags (3)