Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
138
Views
0
Helpful
1
Replies

Cisco ISE Posture Report showing wireless MAC instead of LAN MAC

Syamkumar
Level 1
Level 1

‎10-09-2024 12:41 AM

We are currently facing some funny scenario here, Need the experts to answer this. 
We are currently having posture for Wireless and Wired. Upon scanning on AnyConnect, we saw the endpoint is compliant. But on ISE live logs, it is showing as "Pending".
When i checked the Posture Report by Endpoints, i noticed that the report is showing Wireless NIC Mac Address in the report instead of Wired MAC Address. 
Upon, disabling the NIC Adapter alone, then only, we noticed that the posture report is showing correct MAC Address. It will be hard if we disable everytime user want to use wired or wireless.

Labels:
0 Helpful
1 Reply 1

Flavio Miranda
VIP
VIP

‎10-09-2024 04:21 AM

@Syamkumar 

 Take a look in "calling-station-id" I believe this could help you.

https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/17-6/config-guide/b_wl_17_6_cg/m_radius-call-station-identifier.pdf

"The called station identifier allows a RADIUS server to specify the MAC addresses or networks that a client
can connect. One such attribute can be added in the Access-Request packet. The called station identifier is
useful in scenarios where preauthentication is supported. In such instances, the called station identifier enables
the RADIUS server to restrict the networks and attachment points the client can connect."

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card