05-16-2024 03:08 AM
Hi guys. I want to find out about the usage of the device tracking feature on Cisco switches.
When do we use that?
05-16-2024 03:11 AM
You have a dACL pushed to the SW.
This dACL is permit ip any any.
But each host has an IP.
Here device tracking works.
It makes the SW detect the IP of the endpoint and re-configure the ACL to be
Permit ip host <> any
MHM
05-16-2024 03:06 PM
There is also a section on this feature in the ISE Secure Wired Access Prescriptive Deployment Guide
05-19-2024 02:04 PM
Strange example @MHM Cisco World - what does Device-Tracking have to do with dACL?
Device-Tracking can be enabled on any switch that supports this feature, and its primary purpose is to map the L2<->L3 on interfaces where it's configured. It literally tracks the device's L3 address, and gleans IPv4 addresses via DHCP Snooping (if configured) or via ARP probes - and in the case of IPv6, it gleans IPv6 addresses via the ND (Neighbor Discovery) ICMP packets.
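The two answers above describe the same table from different angles: the switch gleans a MAC-to-IP binding per interface, and a dACL whose source is `any` is narrowed to that host address. The following Python model is an added example, not part of any post in this thread and not Cisco's implementation; the interface names, MAC and IP addresses, and function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed glean events: (interface, MAC, IP, how the address was learned).
EVENTS = [
    ("Gi1/0/1", "0050.56aa.0001", "10.1.10.21", "DHCP"),
    ("Gi1/0/2", "0050.56aa.0002", "10.1.10.37", "ARP"),
    ("Gi1/0/2", "0050.56aa.0002", "2001:db8:10::37", "ND"),
]

DACL = ["permit ip any any"]  # the dACL from the thread


def build_bindings(events):
    """Model of the tracking table: (interface, MAC) -> list of learned IPs."""
    table = {}
    for ifname, mac, ip, _source in events:
        addr = ipaddress.ip_address(ip)  # rejects malformed addresses
        ips = table.setdefault((ifname, mac.lower()), [])
        if addr not in ips:
            ips.append(addr)
    return table


def specialize_dacl(dacl, table, ifname, mac):
    """Rewrite the source 'any' of each ACE to the session's tracked IPv4 host."""
    v4 = [a for a in table.get((ifname, mac.lower()), []) if a.version == 4]
    out = []
    for ace in dacl:
        m = re.fullmatch(r"(permit|deny)\s+(\S+)\s+any\s+(.+)", ace.strip())
        if not m:
            out.append(ace)  # source is already specific; leave untouched
            continue
        action, proto, rest = m.groups()
        # Assumption of this model: with no binding there is nothing to
        # substitute, so no ACE is emitted for that session.
        out.extend(f"{action} {proto} host {ip} {rest}" for ip in v4)
    return out


if __name__ == "__main__":
    bindings = build_bindings(EVENTS)
    for (ifname, mac) in bindings:
        print(ifname, mac, specialize_dacl(DACL, bindings, ifname, mac))
```

A session with no entry in the table returns an empty list here, which is the case to look for when a dACL appears to have no effect on a port.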