ISE PSN node down, close mode devices are not reachable

nileshdubey · ‎10-25-2022

I am implementing ISE 3.1 in my organization.

In open mode devices are reachable and available on network irrespective of their authentication status. But in close mode new devices are not getting authenticated and due to that they are unable to join the network while old devices which have established sessions are reachable and available on network.

Could anyone please help me, if there is a way close mode devices can also authenticate when PSNs are down irrespective of their authentication status?

Thanks in advance !

Arunkumar Sathasivam · ‎11-14-2022

Hi Nileshdubey,

Yes, you can do the Authentication fail open when your radius server is unreachable. Please find below URL for your query. By Finding Configuring 802.1x Inaccessible Authentication Bypass heading on the page to get you result

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3650/software/release/3e/consolidated_guide/configuration_guide/b_consolidated_3650_3e_cg/b_consolidated_3650_3e_cg_chapter_01010111.html#ID778

-------------------------------------------------------------
If you find my reply solved your question or issue, kindly click the 'Accept as Solution' button and vote it as helpful.

You can also learn more about ISE through our live Ask the Experts (ATXs) session. Register following Ask-The-Expert session and get more details https://community.cisco.com/t5/technology-and-support-events-and-webinars/eb-p/ts-events-webinars-bd?label_texts=User+Access+Control%2CAsk+the+Experts
-------------------------------------------------------------

Regards

Arunkumar