03-30-2020 06:51 AM - edited 03-30-2020 06:56 AM
hello everyone
I have a problem guys,
1 piece standalone cisco ise v2.4 I use it in the building
500 to 800 users are working
''now; map authentication side is actively working now ''
anyconnect is installed on all computers and config is ready,
and when I activate the ports on the switch, I see that there is authentication on it
so the system is working'
but
there is no authentication at all when I restart computers,
running system before restarting computers
does not work after restarting computers
authentication does not work when I restart computers
and non-authentication users
anyconnect software asks for username and password
Meanwhile, I upgraded the patch updates
I made switch firmware updates
and there are switches operating in different brands
juniper,alcatel,huawei
I request your support on this matter, friends
thanks,
I'm transmitting the config information in the attachment,
'''
aaa authentication login default group XX_tacacs local
aaa authentication login console local
aaa authentication login CONSOLE none
aaa authentication dot1x default group radius
aaa authorization config-commands
aaa authorization exec default group XX_tacacs local if-authenticated
aaa authorization exec CONSOLE none
aaa authorization commands 1 default group XX_tacacs local if-authenticated
aaa authorization commands 15 default group XX_tacacs local if-authenticated
aaa authorization network default group radius
aaa authorization auth-proxy default group radius
aaa accounting update periodic 5
aaa accounting auth-proxy default start-stop group radius
aaa accounting dot1x default start-stop group radius
aaa accounting exec default start-stop group baro_tacacs
aaa accounting commands 1 default start-stop group XX_tacacs
aaa accounting commands 15 default start-stop group XX_tacacs
'''
port config
interface GigabitEthernet1/0/3
switchport mode access
switchport voice vlan 40
switchport port-security maximum 2
switchport port-security maximum 1 vlan access
power inline port 2x-mode
authentication host-mode multi-domain
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
mab
dot1x pae authenticator
dot1x timeout tx-period 1
spanning-tree portfast
spanning-tree bpduguard enable
Solved! Go to Solution.
05-13-2020 04:33 AM