Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
930
Views
0
Helpful
4
Replies

ISE profiling POV with WLC

Go to solution
ktoyoshi
Cisco Employee
Cisco Employee

‎05-27-2019 08:16 PM

Hi,

I'd like to confirm if ISE profiling work well with accounting (without authentication) traffic from device sensor enabled WLC.

Under customer POV, we can change accounting configuration on existing WLC but its authentication have to be done by other RADIUS.

Best Regards,

Kaori

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
ktoyoshi
Cisco Employee
Cisco Employee
In response to ktoyoshi

‎05-27-2019 10:34 PM

I found the answer from the link you shared. It says "Device Sensor can be deployed across wired access switches and wireless controllers for both RADIUS-authenticated environments and other types of deployments such as a pre-ISE discovery phase." So my concern is clear. Thanks for your help.

 

Best Regards,

Kaori 

View solution in original post

0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎05-29-2019 10:01 AM - edited ‎05-29-2019 11:29 AM

This may work but if there is no valid session how is it supposed to show? Are you going to do authorization on ISE?

I would recommend testing it as its not something we focus on

 

https://community.cisco.com/t5/identity-services-engine-ise/ise-profiling-on-wired-using-radius-probe-and-accounting-no/td-p/3516956

View solution in original post

0 Helpful
4 Replies 4

Go to solution
pan
Cisco Employee
Cisco Employee

‎05-27-2019 10:03 PM

ISE can get data with the help of below probes: RADIUS probe is one of them. You can configure ISE for other probes (DHCP, NMAP, Active directory, NMAP)

 

profilling-1.png

 

Kindly refer below doc:

 

https://community.cisco.com/t5/security-documents/ise-profiling-design-guide/ta-p/3739456

0 Helpful

Go to solution
ktoyoshi
Cisco Employee
Cisco Employee
In response to pan

‎05-27-2019 10:18 PM

Thank you for comment. We're checking the other probe possibility but would like to understand if WLC accounting is one of the solution or not. Do you mean accounting only won't work?

0 Helpful

Go to solution
ktoyoshi
Cisco Employee
Cisco Employee
In response to ktoyoshi

‎05-27-2019 10:34 PM

I found the answer from the link you shared. It says "Device Sensor can be deployed across wired access switches and wireless controllers for both RADIUS-authenticated environments and other types of deployments such as a pre-ISE discovery phase." So my concern is clear. Thanks for your help.

 

Best Regards,

Kaori 

0 Helpful

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎05-29-2019 10:01 AM - edited ‎05-29-2019 11:29 AM

This may work but if there is no valid session how is it supposed to show? Are you going to do authorization on ISE?

I would recommend testing it as its not something we focus on

 

https://community.cisco.com/t5/identity-services-engine-ise/ise-profiling-on-wired-using-radius-probe-and-accounting-no/td-p/3516956

0 Helpful
Customers Also Viewed These Support Documents