11-19-2019 06:58 AM
Ever since deploying ISE 2.4 patch 9 with ASA to offer AnyConnect RAVPN services to BYOD users by checking against MDM/AirWatch for AD group membership and AirWatch device registration status we have had continuous issues with ISE reporting DeviceRegisterStatus equals false mainly for LAN connected users over the VPN. WLAN connected users over the VPN usually don't have issues. Cisco TAC wanted us to bounce the external MDM account in ISE by removing the currently defined external MDM source in ISE and then adding it again to see if ISE will utilize MDM v2 to perform queries instead of MDM v1. We want ISE to utilize UDID when making a query to AirWatch on an endpoint instead of MAC address.
Has anyone run into this issue before? I'm going to test this in the lab today and will report back my findings.
Solved! Go to Solution.
12-07-2019 12:53 PM
I've NOT heard of such issue before. Please ask TAC to escalate if needed.
12-07-2019 12:53 PM
I've NOT heard of such issue before. Please ask TAC to escalate if needed.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide