Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
862
Views
0
Helpful
3
Replies

Manually added guest endpoint gets purged to early

patoberli
VIP Alumni
VIP Alumni

‎07-07-2023 01:40 AM

Hi All

I've got an ISE 3.1 P4 and have a slight issue. I have a guest portal running, where a user can register his device for 365 days. I do have a few guest clients with hardcoded proxy settings, so those MAC addresses I manually add into the group "Guest_Yearly-SelfRegistration". For this group exists an Endpoint Purge rule: ENDPOINTPURGE:ElapsedDays GREATERTHAN 365

So nothing to special as far as I can see. But for some unknown reason, this device gets deleted after a day or two already and there is no purge rule that deletes Endpoints after a day.

The profiler.log shows this (first client was added through the guest portal, the second manually added to the group on the ISE):

Deleted:
2023-07-05 03:00:09,168 INFO [EPPurgeEventHandler-20-thread-1][] profiler.infrastructure.probemgr.event.EPPurgeEventHandler -::::- Endpoint44:E5:17:00:00:00 IdentityGroupIDdc567bb0-986b-11eb-b510-622d20326f3e identityGroupGuest_Yearly-SelfRegistration elapsedTime70 inactivityTime0 PurgeDeleteStatustrue CalledStationID00-00-00-00-00-00 EndpointFetchedFromCachetrue

This one was not deleted:
2023-07-05 03:00:09,061 INFO [EPPurgeEventHandler-20-thread-1][] profiler.infrastructure.probemgr.event.EPPurgeEventHandler -::::- Endpoint42:FA:E1:00:00:00 IdentityGroupIDdc567bb0-986b-11eb-b510-622d20326f3e identityGroupGuest_Yearly-SelfRegistration elapsedTime21 inactivityTime0 PurgeDeleteStatusfalse CalledStationID00-00-00-00-00-00, 78-bc-1a-90-54-60:SSID EndpointFetchedFromCachetrue

Any idea why the first one gets deleted?
Shall I turn on the debug logs and then check on the next day, or is there some other, better log for this?

Thanks
Patrick

0 Helpful
3 Replies 3

Aref Alsouqi
VIP
VIP

‎07-07-2023 09:27 AM

It does seem to be a bugy behaviour. I would recommend to upgrade to the latest patch which I believe it is patch 7 as of today.

0 Helpful

Rodrigo Diaz
Cisco Employee
Cisco Employee

‎07-08-2023 09:05 AM

Hi Patrick, I would  check as you suggest with debugs and accounting reports related to the endpoint that you mention that has the problem. As it was suggested you can install latest patch and verify with debugs and reports to see if the behavior you are seeing matches. 

Let me know if that helped you. 

0 Helpful

patoberli
VIP Alumni
VIP Alumni
In response to Rodrigo Diaz

‎07-11-2023 06:31 AM

Thanks Aref and Rodrigo. Once I have a test client again, I'll enable the Debug logs. I can't patch this system very soon though.

0 Helpful
Customers Also Viewed These Support Documents