Creating "Client provisioning Policy" in Monitor mode

rezaalikhani · ‎03-13-2024

Hi all;

As you can see below, we can create a Client Provisioning Policy in Monitor mode:

Now, when the BYOD user tries to follow the BYOD flow, he/she encounters the following error (as expected, based on Cisco's doc):

Based on Cisco's official doc:

Selecting Monitor option, disables the policy and “watches” the client-provisioning session requests to see how many times ISE tries to invoke based on the “Monitored” policy.

The "disabling the policy" is expected as we can see in the above image. But, the second one is somehow confusing. How can we "watch" this activity?

Thanks

ahollifield · ‎03-13-2024

Client Provisioning Report. What is the use-case for BYOD in the first place though? Why not use an MDM instead?

rezaalikhani · ‎03-14-2024

@ahollifield wrote:
Client Provisioning Report.

As of my testing, the only predefined report that appears to be impacted or utilized in this operation is the "Supplicant Provisioning" report. You were right if I utilize the Posture Assessment module...

@ahollifield wrote:
Why not use an MDM instead?

Because of cost...

Thanks anyway

Creating "Client provisioning Policy" in Monitor mode

[文档翻译]Monitor Mode and Watch Mode

"Wi-Fi Direct Clients Policy" Modes

NX-OS(Standalone) modeからACI modeへの変更時の注意事項

About option "Verify Client Certificate" in Mail flow Policy

Chromebooks & "Client is blacklisted due to IP address theft policy"