10-27-2023 02:50 AM
Hello, everyone
I use Cisco ISE 2.7 in my infrastructure. I would like to ask you whether it is possible to add the mac addresses of devices to MAB Groups and to add a time parameter after which such a MAC should be automatically deleted.
For example:
I add the mac address of a PC which has to be in a group only today. After e.g. 8h, the ISE automatically deletes the MAC from the respective MAB group and this PC is treated as a guest PC.
Solved! Go to Solution.
10-27-2023 09:07 AM
You could do this a couple of ways. If you're using the guest registration and guest portal function in ISE you can set time limits the account is valid for.
You could also use the ISE endpoint purge policies to remove mac addresses from the identity group and ISE but this is a daily scheduled job. It can use elapsed days as a check for this use case.
10-27-2023 09:07 AM
You could do this a couple of ways. If you're using the guest registration and guest portal function in ISE you can set time limits the account is valid for.
You could also use the ISE endpoint purge policies to remove mac addresses from the identity group and ISE but this is a daily scheduled job. It can use elapsed days as a check for this use case.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide