07-15-2020 05:41 AM
Hi
I just got an concern, i have noticed that my Ip phones and cameras that connect via MAB on ISE are in an unauth state after a few days when a run the "Show Access-sessions command". Currently my ISE Environment is in monitor mode and both ip phones/cameras are working just fine at the moment. What will happen when i enforce? Will my cameras and phones stop working ?
07-15-2020 06:39 AM
If those devices are passing traffic regularly, then they should not be going into an unauth state. You can try to do reauthentication (session-timeout) at least every 24 hours. I recommend doing that anyway so that ISE has an updated list of what devices have been authenticated every 24 hours.
07-15-2020 04:50 PM
In addition to Colby's comments, you should compare your switch configuration against the examples in the Secure Wired Access Prescriptive Deployment Guide paying particular attention to the "aaa accounting update newinfo periodic" and "authentication periodic" commands.
07-15-2020 11:52 PM
Thanks Greg and Colby for the info, will do some reading today on the topic.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide