cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
531
Views
0
Helpful
1
Replies

ISE M1 mac profile issues

emolstad
Level 1
Level 1

I am running into issues within my ISE environment. New M1 macbook Pros are being profiled correctly. ISE is seeing them as Apple-devices and then into our child policy of iphone.  Our MacBook profile rules are as follows.'

Name
Apple-MacbookRuleCheck5
Description
Apple-MacbookRuleCheck5
Expression
IOTASSET:assetSwRevision CONTAINS Mac OS X
Name
Apple-MacbookRuleCheck4
Description
Apple-MacbookRuleCheck4
Expression
IOTASSET:assetHwRevision CONTAINS MacBook
Name
Apple-MacbookRuleCheck6
Description
Apple-MacbookRuleCheck6
Expression
DHCP:dhcp-class-identifier CONTAINS MacBookPro
Name
Apple-DeviceRule1Check1
Description
Apple-DeviceRule1Check1
Expression
MAC:OUI CONTAINS Apple

 

Name
Apple-MacbookRuleCheck3
Description
Apple-MacBookRuleCheck3
Expression
NMAP:operating-system CONTAINS Apple Mac OS X

 

Name
Apple-MacBookRuleCheck1
Description
Apple-MacBookRuleCheck1
Expression
IP:User-Agent CONTAINS Macintosh

 

Name
Apple-MacBookRuleCheck2
Description
Apple-MacBookRuleCheck2
Expression
IP:User-Agent CONTAINS Mac OS

 

1 Reply 1

@emolstad what ISE profiling probes do you have configured in ISE and on the NADs (switches or WLC)? ISE will need to learn information about the device from DHCP, an NMAP scan or the User Agent (if using a web portal).

Profiling design guide for your reference.

https://community.cisco.com/t5/security-knowledge-base/ise-profiling-design-guide/ta-p/3739456#toc-hId-1213416941