Cisco ISE Troubleshooting, Part 2

Cisco ISE TME Pavan Gupta gives you more great tips on troubleshooting. Topics: 00:00 Intro & Agenda 01:47 ISE Node Services 05:24 Troubleshooting Touch Points 05:55 ISE RADIUS Policy Evaluation 08:52 IP Device Tracking - Switch Integrated Security Feature (SISF) 10:29 Demo: IP Device Tracking (`show device tracking database`) 11:35 Does ISE Support My Network Access Device (NAD)? https://cs.co/ise-my-nads https://cs.co/ise-compatibility (IETF & RFC Protocols) Third Party NAD Profiles and Configs: https://community.cisco.com/docs/DOC-64547 14:24 Understanding ISE Logs 15:57 Remembering ISE Log Names & Components 16:29 ISE Debug Wizard 19:38 ISE Guest Troubleshooting 20:43 Demo: ACL(s) not defined in Wireless LAN Controller (WLC) 22:54 Demo: URL Redirection is not working (Ports, URL-Redirect ACL, Proxy) 32:02 ISE Posture Troubleshooting : Redirect and Discovery (ACL, URL-Redirect, DACL, NAC Agent Version, Proxy Use, Discovery Agents) `show authentication sessions interface {interface} details` `show authentication sessions mac {mac} details` `show ip access-lists {name}` 39:45 Advanced Posture Issue Troubleshooting 40:50 ISE Troubleshooting Tech Notes: https://cs.co/ise-troubleshooting 41:27 TCPDump (Packet Capture) 42:59 Demo: TCPDump Filters: `ip host {ip} and tcp port 8443` and `ether host {mac}` 48:21 ISE Support Bundle Process 49:33 Demo: Create ISE Support Bundle 51:23 Demo: ISE Session Trace Tests 57:54 ISE Resources 58:22 Questions: - Why is IP Device Tracking important? - Do access list in ISE work in reverse (for URL Redirect ACLs)? Resources: ISE Troubleshooting Tech Notes https://cs.co/ise-troubleshooting ISE Webinars https://cs.co/ise-webinars Does ISE support My Network Device? https://cs.co/ise-my-nads ISE Resources https://cs.co/ise-resources ISE Compatibility Guides https://cs.co/ise-compatibility ISE NAD Capabilities https://cs.co/nad-capabilities ISE Community https://cs.co/ise-community ISE Security Integration Guides https://cs.co/ise-guides