Short checklist related to troubleshooting BYOD failures from Cisco.
On the ISE side enable ISE debug logging. Complete these steps in order to view the ISE log:
- Navigate to Administration > Logging > Debug Log Configuration, and select the appropriate ISE policy node.
- Set the client and provisioning logs to debug or trace, as required. Reproduce the problem and document relevant seed info in order to facilitate searching, such as MAC, IP, and user.
- Navigate to Operations > Download Logs, and select the appropriate ISE node.
- On the Debug Logs tab, download the logs named ise-psc.log to the desktop.
- Use an intelligent editor, such as Notepad ++ in order to parse the log files.
- When the issue has been isolated, then return the log levels to the default level.
On the client side, the following is log locations based on device type:
- Look for /sdcards/downloads/spw.log file in order to view the client-side logs for Android applications.
- Look for %temp%\spwProfileLog.txt (ex: C:\Users\admin\AppData\Local\Temp\spwProfileLog.txt) in order to view the client-side logs.
- Use the Console application, and look for the SPW process and System.log file.
- For Apple iOS, use the iPhone Configuration Utility (iPCU) in order to view messages.
Table below reflects BYOD certificate store based on endpoint platform.