IF-MIB

Object

OID

ifIndex

1.3.6.1.2.1.2.2.1.1

ifDescr

1.3.6.1.2.1.2.2.1.2

ifType

1.3.6.1.2.1.2.2.1.3

ifSpeed

1.3.6.1.2.1.2.2.1.5

ifPhysAddress

1.3.6.1.2.1.2.2.1.6

ifAdminStatus

1.3.6.1.2.1.2.2.1.7

ifOperStatus

1.3.6.1.2.1.2.2.1.8

SNMPv2-MIB

Object

OID

system

1.3.6.1.2.1.1

sysDescr

1.3.6.1.2.1.1.1.0

sysObjectID

1.3.6.1.2.1.1.2.0

sysUpTime

1.3.6.1.2.1.1.3.0

sysContact

1.3.6.1.2.1.1.4.0

sysName

1.3.6.1.2.1.1.5.0

sysLocation

1.3.6.1.2.1.1.6.0

sysServices

1.3.6.1.2.1.1.7.0

sysORLastChange

1.3.6.1.2.1.1.8.0

sysORTable

1.3.6.1.2.1.1.9.0

IP-MIB

Object

OID

ipAdEntIfIndex

1.3.6.1.2.1.4.20.1.2

ipAdEntNetMask

1.3.6.1.2.1.4.20.1.3

ipNetToMediaPhysAddress

1.3.6.1.2.1.4.22.1.2

ipNetToPhysicalPhysAddress

1.3.6.1.2.1.4.35.1.4

CISCO-CDP-MIB

Object

OID

cdpCacheEntry

1.3.6.1.4.1.9.9.23.1.2.1.1

cdpCacheIfIndex

1.3.6.1.4.1.9.9.23.1.2.1.1.1

cdpCacheDeviceIndex

1.3.6.1.4.1.9.9.23.1.2.1.1.2

cdpCacheAddressType

1.3.6.1.4.1.9.9.23.1.2.1.1.3

cdpCacheAddress

1.3.6.1.4.1.9.9.23.1.2.1.1.4

cdpCacheVersion

1.3.6.1.4.1.9.9.23.1.2.1.1.5

cdpCacheDeviceId

1.3.6.1.4.1.9.9.23.1.2.1.1.6

cdpCacheDevicePort

1.3.6.1.4.1.9.9.23.1.2.1.1.7

cdpCachePlatform

1.3.6.1.4.1.9.9.23.1.2.1.1.8

cdpCacheCapabilities

1.3.6.1.4.1.9.9.23.1.2.1.1.9

cdpCacheVTPMgmtDomain

1.3.6.1.4.1.9.9.23.1.2.1.1.10

cdpCacheNativeVLAN

1.3.6.1.4.1.9.9.23.1.2.1.1.11

cdpCacheDuplex

1.3.6.1.4.1.9.9.23.1.2.1.1.12

cdpCacheApplianceID

1.3.6.1.4.1.9.9.23.1.2.1.1.13

cdpCacheVlanID

1.3.6.1.4.1.9.9.23.1.2.1.1.14

cdpCachePowerConsumption

1.3.6.1.4.1.9.9.23.1.2.1.1.15

cdpCacheMTU

1.3.6.1.4.1.9.9.23.1.2.1.1.16

cdpCacheSysName

1.3.6.1.4.1.9.9.23.1.2.1.1.17

cdpCacheSysObjectID

1.3.6.1.4.1.9.9.23.1.2.1.1.18

cdpCachePrimaryMgmtAddrType

1.3.6.1.4.1.9.9.23.1.2.1.1.19

cdpCachePrimaryMgmtAddr

1.3.6.1.4.1.9.9.23.1.2.1.1.20

cdpCacheSecondaryMgmtAddrType

1.3.6.1.4.1.9.9.23.1.2.1.1.21

cdpCacheSecondaryMgmtAddr

1.3.6.1.4.1.9.9.23.1.2.1.1.22

cdpCachePhysLocation

1.3.6.1.4.1.9.9.23.1.2.1.1.23

cdpCacheLastChange

1.3.6.1.4.1.9.9.23.1.2.1.1.24

CISCO-VTP-MIB

Object

OID

vtpVlanIfIndex

1.3.6.1.4.1.9.9.46.1.3.1.1.18.1

vtpVlanName

1.3.6.1.4.1.9.9.46.1.3.1.1.4.1

vtpVlanState

1.3.6.1.4.1.9.9.46.1.3.1.1.2.1

CISCO-STACK-MIB

Object

OID

portIfIndex

1.3.6.1.4.1.9.5.1.4.1.1.11

vlanPortVlan

1.3.6.1.4.1.9.5.1.9.3.1.3.1

BRIDGE-MIB

Object

OID

dot1dTpFdbPort

1.3.6.1.2.1.17.4.3.1.2

dot1dBasePortIfIndex

1.3.6.1.2.1.17.1.4.1.2

OLD-CISCO-INTERFACE-MIB

Object

OID

locIfReason

1.3.6.1.4.1.9.2.2.1.1.20

CISCO-LWAPP-AP-MIB

Object

OID

cLApEntry

1.3.6.1.4.1.9.9.513.1.1.1

cLApSysMacAddress

1.3.6.1.4.1.9.9.513.1.1.1.1.1

cLApIfMacAddress

1.3.6.1.4.1.9.9.513.1.1.1.1.2

cLApMaxNumberOfDot11Slots

1.3.6.1.4.1.9.9.513.1.1.1.1.3

cLApEntPhysicalIndex

1.3.6.1.4.1.9.9.513.1.1.1.1.4

cLApName

1.3.6.1.4.1.9.9.513.1.1.1.1.5

cLApUpTime

1.3.6.1.4.1.9.9.513.1.1.1.1.6

cLLwappUpTime

1.3.6.1.4.1.9.9.513.1.1.1.1.7

cLLwappJoinTakenTime

1.3.6.1.4.1.9.9.513.1.1.1.1.8

cLApMaxNumberOfEthernetSlots

1.3.6.1.4.1.9.9.513.1.1.1.1.9

cLApPrimaryControllerAddressType

1.3.6.1.4.1.9.9.513.1.1.1.1.10

cLApPrimaryControllerAddress

1.3.6.1.4.1.9.9.513.1.1.1.1.11

cLApSecondaryControllerAddressType

1.3.6.1.4.1.9.9.513.1.1.1.1.12

cLApSecondaryControllerAddress

1.3.6.1.4.1.9.9.513.1.1.1.1.13

cLApTertiaryControllerAddressType

1.3.6.1.4.1.9.9.513.1.1.1.1.14

cLApTertiaryControllerAddress

1.3.6.1.4.1.9.9.513.1.1.1.1.15

cLApLastRebootReason

1.3.6.1.4.1.9.9.513.1.1.1.1.16

cLApEncryptionEnable

1.3.6.1.4.1.9.9.513.1.1.1.1.17

cLApFailoverPriority

1.3.6.1.4.1.9.9.513.1.1.1.1.18

cLApPowerStatus

1.3.6.1.4.1.9.9.513.1.1.1.1.19

cLApTelnetEnable

1.3.6.1.4.1.9.9.513.1.1.1.1.20

cLApSshEnable

1.3.6.1.4.1.9.9.513.1.1.1.1.21

cLApPreStdStateEnabled

1.3.6.1.4.1.9.9.513.1.1.1.1.22

cLApPwrInjectorStateEnabled

1.3.6.1.4.1.9.9.513.1.1.1.1.23

cLApPwrInjectorSelection

1.3.6.1.4.1.9.9.513.1.1.1.1.24

cLApPwrInjectorSwMacAddr

1.3.6.1.4.1.9.9.513.1.1.1.1.25

cLApWipsEnable

1.3.6.1.4.1.9.9.513.1.1.1.1.26

cLApMonitorModeOptimization

1.3.6.1.4.1.9.9.513.1.1.1.1.27

cLApDomainName

1.3.6.1.4.1.9.9.513.1.1.1.1.28

cLApNameServerAddressType

1.3.6.1.4.1.9.9.513.1.1.1.1.29

cLApNameServerAddress

1.3.6.1.4.1.9.9.513.1.1.1.1.30

cLApAMSDUEnable

1.3.6.1.4.1.9.9.513.1.1.1.1.31

cLApEncryptionSupported

1.3.6.1.4.1.9.9.513.1.1.1.1.32

cLApRogueDetectionEnabled

1.3.6.1.4.1.9.9.513.1.1.1.1.33

CISCO-LWAPP-DOT11-CLIENT-MIB

Object

OID

cldcClientEntry

1.3.6.1.4.1.9.9.599.1.3.1.1

cldcClientMacAddress

1.3.6.1.4.1.9.9.599.1.3.1.1.1

cldcClientStatus

1.3.6.1.4.1.9.9.599.1.3.1.1.2

cldcClientWlanProfileName

1.3.6.1.4.1.9.9.599.1.3.1.1.3

cldcClientWgbStatus

1.3.6.1.4.1.9.9.599.1.3.1.1.4

cldcClientWgbMacAddress

1.3.6.1.4.1.9.9.599.1.3.1.1.5

cldcClientProtocol

1.3.6.1.4.1.9.9.599.1.3.1.1.6

cldcAssociationMode

1.3.6.1.4.1.9.9.599.1.3.1.1.7

cldcApMacAddress

1.3.6.1.4.1.9.9.599.1.3.1.1.8

cldcIfType

1.3.6.1.4.1.9.9.599.1.3.1.1.9

cldcClientIPAddress

1.3.6.1.4.1.9.9.599.1.3.1.1.10

cldcClientNacState

1.3.6.1.4.1.9.9.599.1.3.1.1.11

cldcClientQuarantineVLAN

1.3.6.1.4.1.9.9.599.1.3.1.1.12

cldcClientAccessVLAN

1.3.6.1.4.1.9.9.599.1.3.1.1.13

cldcClientLoginTime

1.3.6.1.4.1.9.9.599.1.3.1.1.14

cldcClientUpTime

1.3.6.1.4.1.9.9.599.1.3.1.1.15

cldcClientPowerSaveMode

1.3.6.1.4.1.9.9.599.1.3.1.1.16

cldcClientCurrentTxRateSet

1.3.6.1.4.1.9.9.599.1.3.1.1.17

cldcClientDataRateSet

1.3.6.1.4.1.9.9.599.1.3.1.1.18

CISCO-AUTH-FRAMEWORK-MIB

Object

OID

cafPortConfigEntry

1.3.6.1.4.1.9.9.656.1.2.1.1

cafSessionClientMacAddress

1.3.6.1.4.1.9.9.656.1.4.1.1.2

cafSessionStatus

1.3.6.1.4.1.9.9.656.1.4.1.1.5

cafSessionDomain

1.3.6.1.4.1.9.9.656.1.4.1.1.6

cafSessionAuthUserName

1.3.6.1.4.1.9.9.656.1.4.1.1.10

cafSessionAuthorizedBy

1.3.6.1.4.1.9.9.656.1.4.1.1.12

cafSessionAuthVlan

1.3.6.1.4.1.9.9.656.1.4.1.1.14

EEE8021-PAE-MIB: RFC IEEE 802.1X

Object

OID

dot1xAuthAuthControlledPortStatus

1.0.8802.1.1.1.1.2.1.1.5

dot1xAuthAuthControlledPortControl

1.0.8802.1.1.1.1.2.1.1.6

dot1xAuthSessionUserName

1.0.8802.1.1.1.1.2.4.1.9

HOST-RESOURCES-MIB

Object

OID

hrDeviceDescr

1.3.6.1.2.1.25.3.2.1.3

hrDeviceStatus

1.3.6.1.2.1.25.3.2.1.5

LLDP-MIB

Object

OID

lldpEntry

1.0.8802.1.1.2.1.4.1.1

lldpTimeMark

1.0.8802.1.1.2.1.4.1.1.1

lldpLocalPortNum

1.0.8802.1.1.2.1.4.1.1.2

lldpIndex

1.0.8802.1.1.2.1.4.1.1.3

lldpChassisIdSubtype

1.0.8802.1.1.2.1.4.1.1.4

lldpChassisId

1.0.8802.1.1.2.1.4.1.1.5

lldpPortIdSubtype

1.0.8802.1.1.2.1.4.1.1.6

lldpPortId

1.0.8802.1.1.2.1.4.1.1.7

lldpPortDescription

1.0.8802.1.1.2.1.4.1.1.8

lldpSystemName

1.0.8802.1.1.2.1.4.1.1.9

lldpSystemDescription

1.0.8802.1.1.2.1.4.1.1.10

ldpCapabilitiesMapSupported

1.0.8802.1.1.2.1.4.1.1.11

lldpCacheCapabilities

1.0.8802.1.1.2.1.4.1.1.12

Session Trace for an Endpoint

You can use the global search box available at the top of the Cisco ISE home page to get session information for a particular endpoint. When you search with a criteria, you get a list of endpoints. Click on any of these endpoints to see the session trace information for that endpoint. The following figure shows an example of the session trace information displayed for an endpoint.


Note

The dataset used for search is based on Endpoint ID as indexes. Therefore, when authentication occurs, it is mandatory to have Endpoint IDs for the endpoints for those authentications to include them in the search result set.

Figure 1. Session Trace of an Endpoint
Session trace of an endpoint

You can use the clickable timeline at the top to see major authorization transitions. You can also export the results in .csv format by using the Export Results option. The report gets downloaded to your browser.

You can click the Endpoint Details link to see more authentication, accounting, and profiler information for a particular endpoint. The following figure shows an example of endpoint details information displayed for an endpoint.

Figure 2. Endpoint Details

Session Removal from the Directory

Sessions are cleaned from the session directory on the Monitoring and Troubleshooting node as follows:

  • Terminated sessions are cleaned 15 minutes after termination.

  • If there is authentication but no accounting, then such sessions are cleared after one hour.

  • All inactive sessions are cleared after five days.

Global Search for Endpoints

You can use the global search box available at the top of the Cisco ISE home page to search for endpoints. You can use any of the following criteria to search for an endpoint:

  • User name

  • MAC Address

  • IP Address

  • Authorization Profile

  • Endpoint Profile

  • Failure Reason

  • Identity Group

  • Identity Store

  • Network Device name

  • Network Device Type

  • Operating System

  • Posture Status

  • Location

  • Security Group

  • User Type

You should enter at least three characters for any of the search criteria in the Search field to display data.


Note

If an endpoint has been authenticated by Cisco ISE, or its accounting update has been received, it can be found through the global search. Endpoints that have been manually added and are not authenticated by or accounted for in Cisco ISE will not show up in the search results.

The search result provides a detailed and at-a-glance information about the current status of the endpoint, which you can use for troubleshooting. Search results display only the top 25 entries. You can use filters to narrow down the results.

The following figure shows an example of the search result.

Figure 3. Search Result For Endpoints

You can use any of the properties in the left panel to filter the results. You can also click on any endpoint to see more detailed information about the endpoint, such as:

  • Session trace

  • Authentication details

  • Accounting details

  • Posture details

  • Profiler details

  • Client Provisioning details

  • Guest accounting and activity