cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3651
Views
5
Helpful
10
Replies

ISE Active Endpoints in 0

edisonguerrero
Level 1
Level 1

Hi community,


I have a dashboard ISE issue I think... The metrics about "Active Endpoints", "Rejected Endpoints", "Anomalous Behavior" and "Authenticated Guests" shows 0 in all of them. Meanwhile the "Total Endpoint" metric show over 23k as you can see in the image attached. I can see successful authentications in the Radius Live Logs either the domain users or the guest users.

 

If I check the "endpoints" section, the "authentications status" shows that 100% of the devices are disconnected (2nd Image) and even the base license appears consumed by almost 6k but the license is just to 2k as you can see in the 3rd image.

 

There are 1K users in the organization, so the numbers of "Total Endpoints" and "License Consumed" is hard to get.

 

What could it be? The ISE version corresponding to 2.3 patch 4.

1 Accepted Solution

Accepted Solutions

I see you have accounting enabled. if you have wireless clients, enable Radius accounting from controller as well. 

As Jason suggested, please open a TAC case to debug further. 

View solution in original post

10 Replies 10

Cory Peterson
Level 5
Level 5

Do you have any live logs?

Hi Cory,

 

Yes, I have live logs as you can see in the attached image...

Go to context visibility > endpoints > filter with status connected. Do you
see any endpoint? Most likely it will be zero

Do you have RADIUS accounting enabled on your network devices?

Hi Paul,

 

Yes, it is enabled on the netowrk devices... The config about the accounting on the switch's is the next:

 

aaa authentication login default local
aaa authentication dot1x default group ISE-RADIUS
aaa authorization exec default local
aaa authorization network default group ISE-RADIUS
aaa accounting dot1x default start-stop group ISE-RADIUS
aaa accounting update periodic 5

Hi,

 

With the filter "connected" doesn't appears any connected endpoint..

Are you sending radius accounting packets to Ise? If you’re recommend contact the tac to dig deeper

Nidhi
Cisco Employee
Cisco Employee

Can you send screenshot of live sessions from ISE

Hi Nidhi,

 

Yes, I can see some live logs... 

I see you have accounting enabled. if you have wireless clients, enable Radius accounting from controller as well. 

As Jason suggested, please open a TAC case to debug further.