ISE RADIUS does not display IP address information

lin.yang2 · ‎06-13-2022

在与第三方wirless AC做radius对接时（802.1x 认证），发现用户认证后在raduis livelog 不显示用户认证成功后的IP地址信息,再筛选Session时，没有任何Session，只有用户认证成功Passed记录，为什么？

When doing radius docking with a third-party wireless AC (802.1x authentication), it is found that the IP address information after user authentication is not displayed in the raduis livelog after user authentication. Why?

MHM Cisco World · ‎06-14-2022

you need dhcp probe (profiling) to make ISE know the IP address.

Arne Bier · ‎06-16-2022

@lin.yang2 - as @MHM Cisco World mentioned, since the NAD is Huawei, I don't believe they have the Cisco Device Sensor feature which does things like CDP/LLDP/HTTP/DHCP snooping and then feed that into ISE via RADIUS Accounting. For such third party vendors, you will need to enable the DHCP Probe on your ISE PSN's (you need Plus/Advantage licenses for Profiling) and then tell your Layer 3 devices to send DHCP broadcasts to ISE (just add ISE PSN IP addresses to the list of DHCP forwarders) - in the Cisco world this is known as the "ip helper" command

dimi.kard · ‎11-26-2024

Hello,

i have a similar issue with fortinet managed switched, although endpoint status seems connected cisco ise is missing ip address of the authenticated endpoint device. Fortiswitch has dhcp snooping enabled port is in untrusted stated.Any guess why this occurs or should i open a ticket to Fortinet ?

MHM Cisco World · ‎11-26-2024

make new post please

MHM