Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
648
Views
1
Helpful
2
Replies

MDM ISE policy getting stuck

Go to solution
rschwart
Level 1
Level 1

‎06-08-2018 12:56 PM

We are implementing JAMF MDM on our campus. I have 2 policies one to check registration in the MDM and send unregistered devices to the MDM portal. The second policy allows the registered devices on to the network. Where I seem to be stuck is after the device is registered there is no check to allow the endpoint on the network. I've attached the 2 policies. Am I missing something, that would force this check to allow the endpoint on the network after registering? 

Preview file
51 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Nidhi
Cisco Employee
Cisco Employee

‎06-11-2018 04:10 AM

Hi Roger,

The policy looks fine . 

After registration, CoA has to be triggered for the endpoint to re authenticate.

can you please enable prrt_srv log  to check the issue.

Thanks,

Nidhi

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Nidhi
Cisco Employee
Cisco Employee

‎06-11-2018 04:10 AM

Hi Roger,

The policy looks fine . 

After registration, CoA has to be triggered for the endpoint to re authenticate.

can you please enable prrt_srv log  to check the issue.

Thanks,

Nidhi

0 Helpful

Go to solution
hslai
Cisco Employee
Cisco Employee

‎06-11-2018 06:17 AM

Adding to Nidhi's, I would suggest to enable DEBUG on MDM and check ise-psc.log for the requests and responses to the partner MDM sites.

Customers Also Viewed These Support Documents