Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1452
Views
0
Helpful
4
Replies

How endpoints are added to the database of ISE?

sroberts
Level 1
Level 1

‎05-10-2013 07:22 AM - edited ‎03-10-2019 08:25 PM

Hi all,

I just activated two ISE servers in production, everything works fine but when i look to the endpoints database i already have

5000 endpoints in less than 12 hours.

The envirronment is public..meaning that people are coming in for a few hours and than leave.

We basically use ISE 1.1.2 for wireless authentication. We have two SSID... One private SSID using 802.1x and one open SSID for free WiFi.

So the private SSID use ISE for authenticating the users and the open SSID does not use ISE at all for authentication or CWA..

NO mac authentication is defined on the open WLAN also.

95% of the endpoints i see seems to come from devices that have connected on the free wifi. I can see their ip addresses

Why are they learned by ISE and how? I suspect that it's because i have activated Radius probe in ISE because the endpoint

source is saying that in the logs.

Is there a way to stop learning all theese endpoints? I want to learn only those connecting on the private network.

thanks for your help.

Stephane

Labels:
0 Helpful
4 Replies 4

Jatin Katyal
Cisco Employee
Cisco Employee

‎05-10-2013 08:30 AM

I need to know if have you configured radius probe on the WLC for public SSID?

Jatin Katyal


- Do rate helpful posts -

~Jatin
0 Helpful

mojuneja
Level 1
Level 1
In response to Jatin Katyal

‎05-10-2013 11:08 AM

You might have mistakenly enabled probes on ISE node and also configured required probes settings on WLC.

Disable enabled probes and remove configured settings from WLC. Your problem would get resolved.

0 Helpful

sroberts
Level 1
Level 1
In response to mojuneja

‎05-13-2013 08:23 AM

Hi,

thanks for the replies..

On the WLC side, the NAC state is set to NONE on the public WLAN. On the private WLAN, i have it set to radius NAC.

On the ISE side, i do have DHCP, HTTP, DNS and Radius enabled in the profiling configuration tab on both servers.

Like i have mentionned 95% of the endpoint i see are from this public WLAN and the end point source is Radius.. The thing

i don't undertstand is why i do see them has RADIUS probe when ther is no radiusauthention on this WLAN?

I can disable the radius probe on my ISE servers but i will lose some profiling on the private WLAN.

What are your thoughs?

thanks

0 Helpful

manjeets
Level 3
Level 3

‎05-21-2013 03:32 AM

Disable enabled probes and remove configured settings from WLC. Your problem would get resolved.

0 Helpful
Customers Also Viewed These Support Documents