Regular Contributor II

Cisco Device Sensor - LLDP TLV?

Can ClearPass leverage the LLDP TLV that the Cisco Device Sensor discovers? In this instance, we have some Avaya phones that don't attempt DHCP for several minutes but perform LLDP quickly. Device Sensor catches this and sends it in accounting packets to ClearPass. Is there a way I can get ClearPass to post this data to the Endpoints repository so that I can use it in fingerprinting and profiling?

The phone will eventually perform DHCP, Device Sensor sends it to CPPM, which updates the Endpoint, and the Service Profile will CoA the phone and life is good... after a long wait for the phone to perform DHCP.


AMFX/ACEX #69
Aruba Partner Ambassador

Accepted Solutions
Moderator

Re: Cisco Device Sensor - LLDP TLV?

The information is NOT exposed. It is only provided to the profiling engine.



If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |



All Replies
Moderator

Re: Cisco Device Sensor - LLDP TLV?

The raw data is not exposed. It gets sent to the profiling engine for classification.




| Aruba Alumni | @timcappalli | timcappalli.me |

Regular Contributor II

Re: Cisco Device Sensor - LLDP TLV?

Can you elaborate some more? Where can I find it so I can write role-mapping or policy around it?

AMFX/ACEX #69
Aruba Partner Ambassador

Contributor II

Re: Cisco Device Sensor - LLDP TLV?

I know this is an old post, but I was playing with this with LLDP and CDP with ClearPass (6.9) to see how the profiling works in comparison to ICE, and CPPM does add some of the CDP and LLDP attributes that are received as TLV VSAs in the RADIUS accounting packets to the endpoint's fingerprint details.

Initially I thought the LLDP info was being learnt via SNMP, but I disabled the SNMP read operation on the network device entry for the Cisco switch.

Curiously, the LLDP fingerprint info for an Aruba AP still states the info is from SNMP. I am 99% sure that the CPPM is not learning this from the controller.

It may also be worth noting that the Cisco switch only sends the TLV info for devices that successfully authenticate.

 
