Solved: MAC lookup on PSN during Posture

ggmeza1983 · ‎10-24-2022

Hi, I am configuring posture on cisco ise 2.6 with 4.x CM.

We have a problem when a client connect with anyconnect. We have on radius live log the wireless mac address, but on the log, we can check that ise psn make a lookup mac session from another net link, specifically the mac of virtual lan generated by microsoft windows direct. This generate the message discovery not detected when try the posture scan check.

How can i solve this issue? we have configured as priority lan, then wifi. Maybe any configuration on nam can solve this?

Thanks.

Thanks in advance.

thomas · ‎11-09-2022

I don't know what "4.x CM" is. Please be specific.

I don't understand your description of the problem. You are doing wireless but I don't understand the MAC lookup. If you are trying to do MAC Authentication Bypass (MAB) it should be done on the PSN directly. I don't understand what you mean that it is doing a lookup for the MAC session on another net link.

Posture would be a totally separate issue.

You need to include actually ISE LiveLog details and probably policy details you are expecting if it is not matching.

We do not have enough information which is probably why nobody else has responded for 2 weeks.

Consider calling TAC to help with your questions.

How to Ask The Community for Help

This

View solution in original post

thomas · ‎11-09-2022