04-21-2019 10:39 PM
We're running ISE 2.3.0.298 P3 with Primary/Secondary Administration, Policy, and Monitoring nodes in a VMware environment.
We manually add MAC addresses to the Blacklist Identity Group in order to quarantine non-compliant Windows workstations. This process had been working fine until several weeks ago, when we discovered that MAC addresses manually removed from the Blacklist would re-add themselves within several hours.
According to the guides, we perform all updates from the Primary Node Application Node, so we are not sure why the Blacklist is behaving this way.
Thank you,
Scott Moyer
04-22-2019 08:33 PM
I am not sure what the impact of the action you described is in your network, whether ISE is allowing non-compliant devices, etc. Please call TAC if you still have issues.
-Krishnan
04-22-2019 09:12 PM - edited 04-22-2019 09:16 PM
As I stated initially, we MANUALLY add/remove non-compliant devices from the Blacklist... there is no automatic blacklisting in place at this time.
The impact is that some systems are, for some reason, adding themselves back to the Blacklist (thereby being disconnected from the network) after we MANUALLY remove them. This ONLY happens to systems that were previously in the BLACKLIST group before.