Hi,

I tried one of the ports using closed mode and others using open mode. Below are both my template config.

However the port bound to "closed" template doesnt work. Is there anything else i shld set?

template OPEN
dot1x pae authenticator
mab
access-session control-direction in
access-session port-control auto
authentication periodic
authentication timer reauthenticate server
service-policy type control subscriber DOT1X
no access-session closed

template closed
dot1x pae authenticator
mab
access-session control-direction in
access-session port-control auto
authentication periodic
authentication timer reauthenticate server
service-policy type control subscriber DOT1X
access-session closed

Hi,

The reason i create two template is because i wanted to test if during "closed" mode, the endpoint will or not be blocked.

what i did was create another template called "closed", and then put source template "closed" under the interface which previously was source template OPEN.

But then it seems like after insert command source template "closed" , the port blocked everything. 

I did a "shut , no shut" but still the same.

Afterwards, I normalize to source template OPEN and everything was back to normal.

Just dont understand why source template "closed" blocked everything because the end-point was already allowed in the correct identity grp which can be observed as authentication passed with ALLOW authorization policy applied.