11-09-2016 12:39 PM - edited 03-11-2019 12:13 AM
Hi,
I've installed ISE 2.1 with patch 1.
I have a question about session timing on Cisco ISE.
If a NAD receives an Access_Accept message for an endpoint, ISE installs a session that is visible on Live session section.
If the endpoint disconnects from the network, which is the timeout for that session?
Is it possible to tune this timer?
I try to terminate the session with the CoA Action on Live Session but this action fails because my switch doesn't support CoA.
So I reboot Cisco ISE and only after its reloading the session is removed.
In a case that it is not possible to use the "terminate" functionality, is it possible to remove the session in another manner?
Thanks in advance
Antonio
Solved! Go to Solution.
11-09-2016 02:19 PM
Hi Antonio,
But your NAD should send
For manual
http://www.cisco.com/c/en/us/td/docs/security/ise/1-4/api_ref_guide/api_ref_book/ise_api_ref_ch2.html#pgfId-1072950
You might also be interested in below discussion:
https://communities.cisco.com/thread/61587?start=0&tstart=0
Regards,
Kanwal
Note: Please mark answers if they are helpful.
11-09-2016 02:19 PM
Hi Antonio,
But your NAD should send
For manual
http://www.cisco.com/c/en/us/td/docs/security/ise/1-4/api_ref_guide/api_ref_book/ise_api_ref_ch2.html#pgfId-1072950
You might also be interested in below discussion:
https://communities.cisco.com/thread/61587?start=0&tstart=0
Regards,
Kanwal
Note: Please mark answers if they are helpful.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: