Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1597
Views
0
Helpful
1
Replies

Endpoints profiled, yet still unknown - ISE 2.1

Go to solution
Gustavo Novais
Level 1
Level 1

‎04-11-2017 02:14 AM

Hello,

My customer asked me to customize some of its profiling policies, namely to identify domain machines and which type. that was working fine.

Coming back one week after, I do see that some of the devices (7k in a universe of 26k) have an Unknown endpoint policy, yet when checking their details and profiled attributes I do see the attribute MatchedPolicy = windowsADpolicy as if they were correctly profiled (and they were last week).

None of the devices has had any static assignment (profile or identity group)

I see some Profiler queue size limit reached events in the alarms. Would bypassing the queue limit make as such as these devices are not set to the proper endpoint policy, even though they do match the correct profiling policy ?

The active profiler probes are DHCP, AD, DNS, SNMP, NMAP and RADIUS.

Has anybody seen similar behaviour or explain this strange behaviour?

Regards

Gustavo

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎04-11-2017 06:21 AM

I would suggest a TAC case as well to investigate

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎04-11-2017 06:21 AM

I would suggest a TAC case as well to investigate

0 Helpful
Customers Also Viewed These Support Documents