There are no ip address in some user in ISE

Leftz · ‎09-16-2021

Hello, In ISE live log, we can see many users record. Most of them have ip address. but some of them do not have ip address. Why it happen? Usually user get ip address first, and then contact ISE. without ip address, how it contact ISE? Thank you

Dustin Anderson · ‎09-16-2021

ISE is contacted by the network device, not the user. I have also seen you usually don't see all info in the active session (Blue icon) vs the authentication info (Green icon) in live views.

Marcelo Morais · ‎09-16-2021

Hi @Leftz ,

the Endpoint contact ISE without an IP Addr via EAP (Endpoint to NAD) and then RADIUS (NAD to ISE

In Operations > RADIUS > Live Logs ... you are able to check IP Addr info when you have a Session (Blue icon), not when you have a Auth Passed (Green icon).

Please take a look at: Tips for New ISE Administrators:

Auth Passed (Green check) Some examples of such status: ISE sent back RADIUS ACCESS-ACCEPT as result of the policy, successful ISE WebAuth, successful CoA, successful PAC provisioning.
Auth Failed (Red X) Some examples of such status: ISE sent back RADIUS ACCESS-REJECT as result of policy, failed ISE WebAuth, failed CoA, failed PAC provisioning, due to suppression settings, unknown NAD.
Session (Blue i) Accompanied by ‘Auth Passed’ and it means in addition to Auth Passed, ISE received RADIUS Accounting Start. As ISE receives RADIUS Accounting update for the session, the time for the session is updated via interim accounting update and the line item balloons up to the top of the Live Log.

Hope this helps !!!