We did a fail-open test today and everything worked fine on the PC from the user perspective. We tested to see what would happen to the PCs if they were rebooted and the result was no network connectivity even though they had an IP. Some PCs needed another reboot to get network connectivity while others needed two or more reboots. Need to find out what's causing the PC to lose connectivity after a reboot.
The switch at the location is a 2960s running 15.0(2)se10a. The ISE deployment is two nodes running 2.1 patches 1,2,3. Running config on switchport:
switchport access vlan 206
switchport mode access
switchport voice vlan 301
srr-queue bandwidth share 1 30 35 5
srr-queue bandwidth shape 10 0 0 0
priority-queue out
authentication control-direction in
authentication event fail action next-method
authentication event server dead action reinitialize vlan 206
authentication event server dead action authorize voice
authentication event server alive action reinitialize
authentication host-mode multi-auth
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication timer reauthenticate server
authentication timer inactivity server
authentication violation restrict
mab
snmp trap mac-notification change added
snmp trap mac-notification change removed
mls qos trust cos
dot1x pae authenticator
dot1x timeout tx-period 10
auto qos trust
spanning-tree portfast