Hi All,
I recently came across a case where I can see that ISE displays the IP address under the endpoints column where there is traditionally a MAC address.
The circumstances for this are when a user connects using AnyConnect VPN solution where the adapter initiating the connection is a PPP adapter. What I discovered was that the PPP adapter is not displaying a physical address as documented on the AnyConnect DART bundle. Due to this, AnyConnect fails to retrieve the "mdm-tlv=device-mac" attribute which ISE uses for VPN connections to learn the MAC address of the endpoint. See below:
PPP adapter rel:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : rel
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : <redacted>(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . : 0.0.0.0
DNS Servers . . . . . . . . . . . : <redacted>
Primary WINS Server . . . . . . . : <redacted>
Secondary WINS Server . . . . . . : <redacted>
NetBIOS over Tcpip. . . . . . . . : Disabled
The question: Is it expected that PPP adapters do not display a physical MAC address? If so, why? Any help on this is appreciated!