Scribd
Upload
103 views3 pages

Original1.ISE Posture Failure

This document summarizes a dynamic authorization event in the Cisco Identity Services Engine. It provides details of the endpoint with IP address 73.109.9.146 that was found to be non-compliant with posture policies and had an access control list (ACL) applied as a result. Additional information captured includes authentication timestamps, policy servers, device types, and session events related to the authorization and ACL download.

Uploaded by

artead
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
103 views3 pages

Original1.ISE Posture Failure

This document summarizes a dynamic authorization event in the Cisco Identity Services Engine. It provides details of the endpoint with IP address 73.109.9.146 that was found to be non-compliant with posture policies and had an access control list (ACL) applied as a result. Additional information captured includes authentication timestamps, policy servers, device types, and session events related to the authorization and ACL download.

Uploaded by

artead
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

Cisco Identity Services Engine https://dc-ise-1.horizon.internal/admin/liveAuthenticationDetail....

1 of 3 11/27/19, 3:42 PM
Cisco Identity Services Engine https://dc-ise-1.horizon.internal/admin/liveAuthenticationDetail....

Steps
Overview
11022 Added the dACL specified in the Authorization Profile
Event 5205 Dynamic Authorization succeeded
11100 RADIUS-Client about to send request - ( port = 1700 , type = Cisco CoA )
Username 11101 RADIUS-Client received response

Endpoint Id 73.109.9.146

Endpoint Profile

Authorization Result Posture_Non_Compliant

Authentication Details

Source Timestamp 2019-11-27 15:38:41.904

Received Timestamp 2019-11-27 15:38:41.904

Policy Server DC-ISE-1

Event 5205 Dynamic Authorization succeeded

Endpoint Id 73.109.9.146

Calling Station Id 73.109.9.146

Audit Session Id c0a801010ca3e0005ddf07f2

Network Device DC-5516-VPN

Device Type All Device Types#Firewalls#VPN ASA

Location All Locations#Data Center

NAS IPv4 Address 172.19.90.2

Authorization Profile Posture_Non_Compliant

Posture Status NonCompliant

Response Time 1 milliseconds

Other Attributes

ConfigVersionId 403

Acct-Session-Id 8DB00563

Event-Timestamp 1574897921

Device CoA type Cisco CoA

Device CoA port 1700

NetworkDeviceProfileId b0699505-3150-4215-a80e-6753d45bf56c

IsThirdPartyDeviceFlow false

CPMSessionID c0a801010ca3e0005ddf07f2

CoASourceComponent Posture

CoAReason posture status changed

CoAType COA-push

Model Name ASA5516

Network Device Profile Cisco

Location Location#All Locations#Data Center

Device Type Device Type#All Device Types#Firewalls#VPN ASA

IPSEC IPSEC#Is IPSEC Device#No

Device IP Address 172.19.90.2

ACS:CiscoSecure-Defined-ACL=#ACSACL#-IP-
CiscoAVPair POSTURE_NON_COMPLIANT-5bef0163,
audit-session-id=c0a801010ca3e0005ddf07f2

2 of 3 11/27/19, 3:42 PM
Cisco Identity Services Engine https://dc-ise-1.horizon.internal/admin/liveAuthenticationDetail....

Session Events

2019-11-27 15:38:41.905 DACL Download Succeeded

2019-11-27 15:38:41.904 Dynamic Authorization succeeded

2019-11-27 15:34:21.041 RADIUS Accounting watchdog update

2019-11-27 15:34:19.117 RADIUS Accounting start request

2019-11-27 15:34:19.111 DACL Download Succeeded

2019-11-27 15:34:19.109 Authorize-Only succeeded

3 of 3 11/27/19, 3:42 PM

You might also like