cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1312
Views
10
Helpful
1
Replies
Highlighted
Beginner

3850 03.07 Device-sensor accounting support

Having a heck of time finding the answer to this.

 

Have an ISE 1.4 Install with 3850 switches. Everything is working fine. However struggling to see if 1. Device Sensor data is supported for radius accounting on the 3850 code, 2. If it is, what the command set is.

 

Use the device-sensor data in the radius accounting to correctly profile devices.

DHCP Probe works fine. 

 

It looks like the 3850 did not support device-sensor till 3.6 code. 

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/3e/release_notes/OL3262101.html

Looking through all the 3850 configuration I do not see any documentation on enabling 3850. But I can find the 3750-x configuration guide.

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750/software/release/15-0_1_se/device_sensor/guide/sensor_guide.html

 

So the problem I run into is enabling the accounting aspect of device-sensor. The command does not exist.

 

device-sensor filter-list dhcp list dhcp
 option name domain-name-servers
 option name host-name
 option name domain-name
 option name class-identifier
 option name client-identifier
!
device-sensor filter-list lldp list lldp
 tlv name system-name
 tlv name system-description
 tlv name system-capabilities
 tlv name management-address
!
device-sensor filter-list cdp list cdp
 tlv name device-name
 tlv name port-id-type
 tlv name capabilities-type
 tlv name version-type
 tlv name platform-type
 
device-sensor filter-spec dhcp include list dhcp
device-sensor filter-spec lldp include list lldap
device-sensor filter-spec cdp include list cdp
device-sensor notify all-changes

switch99(config)#device-sensor ?
  filter-list  Sensor Protocol Filter List Configuration
  filter-spec  Sensor Protocol Filter Spec Configuration
  notify       Options for when to trigger identity update events

switch99(config)#device-sensor accounting
                                  ^
% Invalid input detected at '^' marker.

 

I have a TAC case open but not getting a clear answer on this right now.  Device-sensor data is getting collected just fine.

 

switch99#show device-sensor cache all
Device: 8843.e1c6.a83a on port GigabitEthernet1/0/13
--------------------------------------------------
Proto Type:Name                       Len Value
DHCP    60:class-identifier            19 3C 11 43 69 73 63 6F 3A 54 6F 75 63 68 64 65 76 
                                          69 63 65 
CDP      6:platform-type               24 00 06 00 18 43 54 53 2D 43 4F 44 45 43 2D 69 6E 
                                          54 6F 75 63 68 20 47 32 
CDP      5:version-type                19 00 05 00 13 54 49 37 2E 33 2E 32 20 31 34 61 64 
                                          37 63 63 
CDP      4:capabilities-type            8 00 04 00 08 00 00 00 90 
CDP      3:port-id-type                 8 00 03 00 08 65 74 68 30 
CDP      1:device-name                 19 00 01 00 13 53 45 50 38 38 34 33 45 31 43 36 41 
                                          38 33 41 

 

 

Radius is working and ISE is working fine.But when I run debug radius accounting. It never sends any of the CDP info and I am pretty sure its because the device-sensor isn't configured to send the information because of the absence of 

 

(config)#device-sensor accounting
                                  ^
% Invalid input detected at '^' marker.

 

device-sensor accounting

To add Device Sensor protocol data to accounting records and to generate additional accounting events when new sensor data is detected, use the device-sensor accounting command in global configuration mode. To disable adding Device Sensor protocol data to accounting records and to disable generating accounting events, use the no form of this command.

device-sensor accounting

 

 

Oct 19 21:14:07.037: RADIUS(00000000): Config NAS IP: removed
Oct 19 21:14:07.037: RADIUS(00000000): sending
Oct 19 21:14:07.038: RADIUS(00000000): Send Accounting-Request to removed:1813 id 1646/16, len 311
Oct 19 21:14:07.038: RADIUS:  authenticator 22 87 CF A3 E2 59 51 1C - E2 C9 BB 22 75 39 01 C9
Oct 19 21:14:07.038: RADIUS:  Framed-IP-Address   [8]   6   removed            
Oct 19 21:14:07.038: RADIUS:  User-Name           [1]   19  "88-43-E1-C6-A8-3A"
Oct 19 21:14:07.038: RADIUS:  Vendor, Cisco       [26]  49  
Oct 19 21:14:07.038: RADIUS:   Cisco AVpair       [1]   43  "audit-session-id=AC1C0BFA00001010339251F2"
Oct 19 21:14:07.038: RADIUS:  Vendor, Cisco       [26]  18  
Oct 19 21:14:07.038: RADIUS:   Cisco AVpair       [1]   12  "method=mab"
Oct 19 21:14:07.038: RADIUS:  Called-Station-Id   [30]  19  "84-B5-17-D0-B9-8D"
Oct 19 21:14:07.038: RADIUS:  Calling-Station-Id  [31]  19  "88-43-E1-C6-A8-3A"
Oct 19 21:14:07.038: RADIUS:  NAS-IP-Address      [4]   6   removed            
Oct 19 21:14:07.038: RADIUS:  Vendor, Cisco       [26]  29  
Oct 19 21:14:07.038: RADIUS:   cisco-nas-port     [2]   23  "GigabitEthernet1/0/13"
Oct 19 21:14:07.038: RADIUS:  NAS-Port            [5]   6   60000                     
Oct 19 21:14:07.039: RADIUS:  NAS-Port-Id         [87]  23  "GigabitEthernet1/0/13"
Oct 19 21:14:07.039: RADIUS:  NAS-Port-Type       [61]  6   Ethernet                  [15]
Oct 19 21:14:07.039: RADIUS:  Acct-Session-Id     [44]  10  "0000126B"
Oct 19 21:14:07.039: RADIUS:  Class               [25]  63  
Oct 19 21:14:07.039: RADIUS:   43 41 43 53 3A 41 43 31 43 30 42 46 41 30 30 30  [CACS:AC1C0BFA000]
Oct 19 21:14:07.039: RADIUS:   30 31 30 31 30 33 33 39 32 35 31 46 32 3A 63 6F  [01010339251F2:co]
Oct 19 21:14:07.039: RADIUS:   76 64 63 2D 63 6F 70 69 70 6E 2D 30 31 2F 32 33  [vdc-copipn-01/23]
Oct 19 21:14:07.039: RADIUS:   33 30 35 30 36 30 39 2F 32 35 36 34 39     [ 3050609/25649]
Oct 19 21:14:07.039: RADIUS:  Acct-Status-Type    [40]  6   Start                     [1]
Oct 19 21:14:07.039: RADIUS:  Event-Timestamp     [55]  6   1445289247                
Oct 19 21:14:07.039: RADIUS:  Acct-Delay-Time     [41]  6   0                         
Oct 19 21:14:07.039: RADIUS(00000000): Sending a IPv4 Radius Packet
Oct 19 21:14:07.040: RADIUS(00000000): Started 10 sec timeout
Oct 19 21:14:07.044: RADIUS: Received from id 1646/16 removed:1813, Accounting-response, len 20

 

 

 

 

1 REPLY 1
Cisco Employee

I believe you are using IBNS

I believe you are using IBNS 2.0 style of configs. You can check by executing following command.

Switch#authentication display config-mode
Current configuration mode is new-style

In this mode, device-sensor accounting CLI is not available. Instead you can use below CLIs to send protocol attributes as part of accounting messages if you are using 3.6.x code.

access-session accounting attributes filter-list list CDP
protocol cdp

access-session accounting attributes filter-spec list CDP