Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3384
Views
0
Helpful
6
Replies

ISE Using my device Portal , devices still in pending registration status

mmunozrosas
Level 1
Level 1

‎05-15-2014 03:19 PM - edited ‎03-10-2019 09:43 PM

Abstract:
I'm on ISE 1.2 patch 8.
We want give access wireless to devices mobile using 802.1x with Active Directory. The condition is that he previously the user must register mobile device in "my device portal"


-The corporate user connected from the LAN network,   login in "my device portal"  using their active directory account and register your device.
-The policy defined in ISE indicates that 802.1x users in a group of AD and over condition "RegistredDevices" can access to the network (see screen 1)


-Users access the wireless network from your mobile device by entering its name from AD and finally accesses the network.
-From my "devices portal" devices always shows “Pending” status. All works as expected except for this situation.



Can you please help?

Regards,

Marco Muñoz

3 people had this problem
Labels:
0 Helpful
6 Replies 6

Saurav Lodh
Level 7
Level 7

‎05-16-2014 01:03 AM

Have you tried selecting and deleting the endpoints from ISE's endpoint database? Delete them and reregister

0 Helpful

mmunozrosas
Level 1
Level 1
In response to Saurav Lodh

‎05-19-2014 06:13 AM

does not work, still in pending status.

 

 

0 Helpful

Patrick de Bruin
Level 1
Level 1
In response to mmunozrosas

‎08-09-2014 01:32 AM 

It looks like you dont have any provisioning profiles configured.

Under Admin settings make sure client provisioning is enabled. Try to set native supplicant provisioning policy unavailable: to Allow Network Access.
0 Helpful

nspasov
Cisco Employee
Cisco Employee

‎08-10-2014 08:58 PM

I had seen this before and it was due to a bug. What version and patch are you running ?

 

Thank you for rating helpful posts!

0 Helpful

tony.sangha
Level 1
Level 1

‎08-25-2014 05:54 PM

I am also seeing the same issue, we are running version 1.2.1 with patch 1 (latest).

Please see below of my Endpoints output from ISE.

Any ideas?

Preview file
16 KB
0 Helpful

mbilgrav
Level 3
Level 3

‎10-01-2015 02:56 AM

I use ISE 1.3 and experience the same - did you ever get this sorted out ?

 

 

What I am trying to do, is to make a portal where super-users can add MAC adresse, which the in turns are allowed on the LAN.
Devices like printers, and other devices not running dot1x supplicants, and are not profilled.
I have noticed the new device portals, in the ISE 1.3 and also the auto-purge function. I kinda like it and want to use these features to support MAB devices via MAC Address Bypass, managed by super-user (AD integrated login)
But I need to fully understand the flow.


When I add a MAC via the mydeviceportal, it says the state i "pending"
When will a device registered via device portals, go to state "registered" ?
and hence stay in the InternalIdentityStore

http://www.cisco.com/c/en/us/td/docs/security/ise/1-3/mydevices/b_mydevices_13.html

0 Helpful
Customers Also Viewed These Support Documents