Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1767
Views
5
Helpful
2
Replies

ISE 3 Seeing non RADIUS Active Endpoints

Go to solution
mlcsu.ciscosmart1
Level 1
Level 1

‎07-13-2021 09:01 AM - edited ‎07-13-2021 10:01 AM

We have a strange scenario on our ISE 3 deployment. We have a single WLAN for clients authenticating to ISE with EAP-TLS via a 5520 WLC on v8.2. The WLAN has the ISE deployment as the Authentication and Accounting servers. We have 10 other WLANS that do not ustilise ISE for AAA, however the authentications for these appear in 'Active Endpoints'. I can't figure out how these are appearing in ISE as none of them have accounting pointing to that deployment. Has anyone seen this? Is this normal behaviour and if so - how is ISE getting this data?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marcelo Morais
VIP
VIP

‎07-13-2021 03:25 PM

Hi @mlcsu.ciscosmart1 ,

 please use the: Operations > Troubleshoot > Diagnostic Tools > General Tools > TCP Dump and

 filter with: ip host <Host IP Addr>

 to check where you are receiving the AuthC request from.

 

Hope this helps !!! 

View solution in original post

2 Replies 2

Go to solution
Marcelo Morais
VIP
VIP

‎07-13-2021 03:25 PM

Hi @mlcsu.ciscosmart1 ,

 please use the: Operations > Troubleshoot > Diagnostic Tools > General Tools > TCP Dump and

 filter with: ip host <Host IP Addr>

 to check where you are receiving the AuthC request from.

 

Hope this helps !!! 

Go to solution
Massimo Baschieri
Level 3
Level 3

‎07-13-2021 09:10 PM

Be sure to completely disable authentication and accounting on the wlc for the non 802.1x ssids into security/aaa servers tab 

0 Helpful
Customers Also Viewed These Support Documents