Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1372
Views
40
Helpful
6
Replies

Traffic Capture for BYOD in cisco ISE3.0

shrijan
Level 1
Level 1

‎09-28-2021 02:29 AM

Hello Everyone,

 

Is it possible to capture the traffic being consumed by BYOD devices?

 

I have Cisco ISE 3.0 in VM.

 

And for ISP traffic consumption i have been using Cacti 0.8v.

 

I think since ISE is in VM in cacti it is not showing the real bandwidth it is consuming.

 

Is there anyway to capture the real bandwidth it is consuming?

 

for the reference i have attached Cacti screen shot.

 

Thanks.

 

Regards,

shrijan

Preview file
34 KB
6 Replies 6

Milos_Jovanovic
VIP Alumni
VIP Alumni

‎09-28-2021 03:34 AM

Hi @shrijan,

ISE is acting only as AAA server, so capturing bandwidth isn't of much value here. Assuming that you want to capture ammount of bandwidth users on BYOD are generating, you would need to capture that data elsewhere (on WLC, on switch port, on SVI), as ISE is involved only untill users get their access to BYOD network. ISE is not a transit device for BYOD traffic.

BR,

Milos

shrijan
Level 1
Level 1
In response to Milos_Jovanovic

‎09-28-2021 11:55 PM

Hi @Milos_Jovanovic 

Thank you for the reply.

 

On WLC i have two SSID. One SSIS as OFFICE only for Laptop and another BYOD only for mobile devices. Both both are in separate VLANs.

 

Now if i capture the traffic for WLC connected switchport then if will give the traffic for both Laptop as well as Mobile devices. But i require only for Mobile devices traffic i.e. for BYOD only.

 

Also since BYOD is in separate vlan, i have captured the traffic for this vlan too but it does not show real traffic. It just shows the traffic in  few bits. (previous attached file was the traffic captured for BYOD Vlan interface.)

 

Any clue?

 

Thanks,

 

regards,

shrijan

 

 

Milos_Jovanovic
VIP Alumni
VIP Alumni
In response to shrijan

‎09-29-2021 05:46 AM

Hi @shrijan,

Are you using Local or FlexConnect mode?

If using Local Switching mode on WLC, you'll need to monitor each logical interface of WLC.

If using FlexConnect mode, you'll need to monitor logical interface on the equipment which is acting as default GW for BYOD segment.

BR,

Milos

shrijan
Level 1
Level 1
In response to Milos_Jovanovic

‎09-29-2021 07:41 AM

Hi @Milos_Jovanovic 

I am using as a Local Mode.

 

Can you kindly advice how do i monitor logical interface of WLC?

 

Let say I have two logical interfaces one for Laptops only (Mesh) and one for Mobile Phones only (BYOD).

 

Even though I put the details of BYOD interface to capture the traffic or to monitor the traffic but in the list to select it shows only Mesh interface. (I have attached the Picture will explain kindly have a look for the reference)

 

Thanks.

 

Regards,

Shrijan

Preview file
23 KB
Preview file
34 KB

Milos_Jovanovic
VIP Alumni
VIP Alumni

‎09-29-2021 11:44 PM

Hi @shrijan,

In this case, you would need to monitor interface on WLC itself, as that is the place where data for BYOD flows. For monitoring, I'm not an expert on WLC, so I don't know exactly how you can do it, but I'm assuming it is not different from other Cisco devices. By quick search, I managed to find this guide for monitoring of WLC. There, you have a reference to SNMP Object Navigator Tool, so try searching there appropriate OIDs for this.

BR,

Milos

shrijan
Level 1
Level 1
In response to Milos_Jovanovic

‎09-30-2021 12:12 AM

Hi @Milos_Jovanovic 

 

Thank You..

 

Let me go through it..

 

regards,

shrijan

Customers Also Viewed These Support Documents