Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
539
Views
5
Helpful
1
Replies

Apple end points not profiling and not Communicating CoA to WLC

rschwart
Level 1
Level 1

‎10-25-2019 02:51 PM

We noticed recently that ISE suddenly stopped profiling Apple Devices, they would change after a few minutes to the correct profile, iPad, iPhone and OS-X. We implemented a policy to send Apple-Device to the provisioning page, this worked up until  we installed patch 10 (2.4). Suddenly "all" (including all stately set) previously correctly profiled devices became Apple-Device, having to go to the provisioning portal. When portal has completed, ISE did not send the correct information to the WLC, so the clients, were sitting in non-compliant and not able to get on the wireless network. I don't know if this is patch 10 or a new profile sent down to ISE, or both. We segment mobile devices iPad etc from laptops on our wireless.

We did work with TAC and made fix, but not a solution. Users have to hit the provision portal then, turn off wireless wait 5 minutes and connect.

 

Any ideas, suggestions, thoughts, etc.

 

Thanks

0 Helpful
1 Reply 1

Marius Gunnerud
VIP
VIP

‎10-25-2019 03:13 PM

How are you profiling the Mac PCs? If you are not already doing so, try profiling using DHCP option 55

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/116235-configure-ise-00.html

--
Please remember to select a correct answer and rate helpful posts
Customers Also Viewed These Support Documents