Greetings, we have installed ISE to backend our Wireless infrastructure. We have a 1000 endpoint Wireless package, which gives us 1000 base and 1000 advanced endpoint licensing. I know the Advanced is used for profiling and posture among other features. My question around the active license count. We currently have (per NCS) 685 clients associated to our wireless infrastructure. Back on the ISE console however, we show that we are using 941/1000 active advanced endpoint assesments license count. How is that possible?? I thought that license count was only applied to active clients, and we do not currently have anywhere close to 941 active clients on our wireless. Should that not be 1-1 or pretty close?
There is default time till that time IS E maintain the list of active client. and may possible that client logged off before that time out value but ISE still maintain that client in list till the default time. you have to purge these client from the list.
•A Base or Advanced license is consumed based on the feature that is utilized.
•An endpoint with multiple network connections can consume more than one license per MAC address. For example, a laptop connected to wired and also to wireless at the same time. Licenses for VPN connections are based on the IP address.
•Licenses are counted against concurrent, active sessions. An active session is one for which a RADIUS Accounting Start is received but RADIUS Accounting Stop has not yet been received.
Note Sessions without RADIUS activity are automatically purged from Active Session list every 5 days or if the endpoint is deleted from the system.
To avoid service disruption, Cisco ISE continues to provide services to endpoints that exceed license entitlement. Cisco ISE instead relies on RADIUS accounting functions to track concurrent endpoints on the network and generate alarms when endpoint counts exceed the licensed amounts:
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :