I have a group of devices that I want to create a new Profiling Policy for based off their MAC Addresses. All of the devices all start with the same first 8 characters of their Mac Address.
So I created a new Profiling Policy (*Policy > Profiling > Profiling Policies). In there I added 1 Rule, which is the only rule right now for "MAC:MACAddress STARTSWITH aabbccdd".
Then, I went to my Wired Policy Sets. Created a new Authorization Policy with only one condition for "Endpoint Identity Groups:Profiled: my_profile_name".
Lastly, I plugged in the device. But, it's showing up as Unknown, instead of matching the Profiling Policy...
I also noticed there's Profiling Conditions in Policy > Policy Elements > Conditions > Profiling.... So I also added a policy condition there that does the same thing as the Profiling Policy I described above with the Mac Address starts with.... But, I assume this "condition" needs to be applied somewhere.
I'm thinking I'm missing something. Could anyone lend a hand with this, or point me in the right direction?
Checked the Profiling Policy and it is enabled and I had both Certainty Factors set to 10. Not sure if it mattered, so changed them both to 5 and saved the policy. The Policy Name is called "Zoom_Phones".
The only Rule is that it needs to match the first 8 characters of the MACAddress.
Here is the Policy Set:
Now, when I check Radius Live Logs, I just get "Deny Access", and the Endpoint Profile showing as "Unknown". The first 8 characters of the MAC Address definitely matches the Rule in the Profiling Policy. I also tried plugging in a second device, also with the same first 8 in the MAC and it's getting the same result.