View Cart
0 Items | Total: US$0.00
Welcome,      Register

You are here

Quick Tip: ISE 2.x Unquarantine EPS Endpoint

No votes yet

This is something that we learnt while we were doing some testing on ISE 2.x pxGrid integration with Lancope Stealthwatch. If you have your endpoints quarantined  from Lancope Stealthwatch (or any other EPS subscriber systems) but for some reason fail to unquarantine them, you might find your endpoints being stuck in the EPS-Quarantine state forever. As of ISE 2.0 Patch2 and 2.1, you can manually unquarantine any endpoints from ISE using their MAC addresses. Problem solved!!!

Go to Operations > ANC > Endpoint Assignment then click EPS Unquarantine


Enter the endpoint MAC address and click Unquarantine. This should cause a CoA to go out and force the endpoint to reauthenticate, hopefully no longer hit your quarantine authorization policy.



About Author

Metha Cheiwanichakorn, CCIE#23585 (RS, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at, Metha enjoys learning and challenges himself with new Cisco technologies.

Lab Minutes Classifieds