This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
any idea why i have iPhones being profiled as Cisco-Switches???
MAC Address: 2C:33:61:8B:87:BB
Endpoint Profile: Apple-iPhone
Current IP Address: 18.104.22.168
Static Assignment true
Endpoint Policy Apple-iPhone
Static Group Assignment false
Identity Group Assignment Apple-iPhone
No data found. Add custom attributes here.
Device Type Device Type#All Device Types#WLC
EndPointPolicy Apple-iPhone <- I forced this to get the device onto the wifi
EndPointSource NMAP Probe
LastNmapScanTime 2019-Dec-17 10:39:18 EST
Location Location#All Locations#Campus
LogicalProfile Apple-iDevices,Mobile Devices,Apple-iDevices
MDMModel iPhone 7
MDMOSVersion iOS 13
NAS-Port-Type Wireless - IEEE 802.11
OUI Apple, Inc.
SelectedAuthorizationProfiles WLAN FULL ACCESS
Total Certainty Factor 10
operating-system Cisco Nexus 7000 switch (NX-OS 4.2.6) (accuracy 99%)
operating-system-result Cisco Nexus 7000 switch (NX-OS 4.2.6) (accuracy 99%)
okay i can see why it was profiled as such based on the nmap scan result.
so now i'd like to know why the nmapOSscan thinks the iphone is a Nexus OS device. where can i see the results of that scan? and why on earth would it get that kind of result? i mean this is the 10th or 11th iteration of this product and it still isn't profiling things properly. and it's not like this was a brand new phone or something, this is an iphone7.
Have a look at bug CSCuz62668 (ISE NMAP probe profiles iPad and iPhone as Cisco-Device).
It is listed as fixed but doesn't give a fixed release version.
Also, other thread with same issue is below:
Per the bug ID that @andrewswanson mentioned, it is recommended to disable the NMAP OS scan for apple devices. I had to do this in my ISE 2.4 P9 environment for a different issue, and Apple devices on my wireless network still get profiled properly due to the User-Agent attribute being passed. Unfortunately, the User-Agent is only passed via wireless and not the hard line, but it avoids mis-classification of apple devices caused by NMAP scans.