802.1x authorized switch port blocks traffic

o_mahieu
Level 1

Hello,

I set up a wired 802.1x configuration. A Windows DC/DNS/CA and a DHCP/NPS server successfully authenticate and authorize a switch port.

Unfortunately, no traffic is allowed to pass through the port?!? The IP address on the host and the VLAN on the switch are correctly assigned from the NPS/DHCP server.

If I issue a packet filter, ARP requests from the host are answered from the switch, but pings originating from the switch are replied to by the host, but are not arriving back.

Does anyone have an idea where to look?

Included some useful info.

Thanks!!

1 Accepted Solution

Actually it's solved...

I found out that with dot1x authentication an extended ACL is installed on the switch. I had to overwrite it and apply it to the correct interface...


2 Replies

I don't see an applied ACL, but are you sending down a DACL from ISE?

Is this done on port 1, and what VLAN are you sending the device to?

Once it is on, do you see the correct VLAN doing a show int status?
