10-31-2019 12:23 PM
I have a bunch of Mac OS laptops in my environment and I am relying on the NMAP scan for most of my wired endpoints (Can't get the IP User-Agent attribute on wired), so I kick off an NMAP scan. The problem is that the NMAP scan nearly always believes the OS is Yosemite (10.10). This is clearly not the case as most of my MacOS machines are High Sierra or Mojave. Any idea why the NMAP scan isn't working correctly?
Solved! Go to Solution.
11-01-2019 10:36 AM
@Josh Morris wrote:
@howon I am running v2.2 patch 14
@Jason Kunst I am running device sensor on all my switches and am getting reliable Radius and DHCP data. But since I am not using any portal or redirect, I do not get HTTP data. I do on wireless, however.
You should redirect to portal to get the best result as @howon mentioned nmap is not the best option
11-01-2019 08:18 AM
What version of ISE are you running? NMAP OS detection isn't reliable as other sources such as DHCP or HTTP based detection.
11-01-2019 09:31 AM
To build off @howon advice why aren't you using Cisco IOS switches with device sensor -https://community.cisco.com/t5/security-documents/ise-secure-wired-access-prescriptive-deployment-guide/ta-p/3641515
and otherwise redirecting to a portal for http user agent string detection
11-01-2019 09:54 AM
@howon I am running v2.2 patch 14
@Jason Kunst I am running device sensor on all my switches and am getting reliable Radius and DHCP data. But since I am not using any portal or redirect, I do not get HTTP data. I do on wireless, however.
11-01-2019 10:36 AM
@Josh Morris wrote:
@howon I am running v2.2 patch 14
@Jason Kunst I am running device sensor on all my switches and am getting reliable Radius and DHCP data. But since I am not using any portal or redirect, I do not get HTTP data. I do on wireless, however.
You should redirect to portal to get the best result as @howon mentioned nmap is not the best option
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: