11-03-2022 01:47 AM
Hi Everyone, i need your help regards ISE, Meraki and vlan switching.
scenario for wired devices:
we are having issues with number 5 above. While the device is correctly identified in ise and ise tells the MX to change vlan on that particular port, the MX does not.
Any of you knowledgeable people know what we are missing? I can post the configs later once i am in work.
thanks in advance.
Solved! Go to Solution.
11-03-2022 06:30 AM - edited 11-03-2022 06:31 AM
Why change VLANs at all? Also, I believe the MX also does not support CoA so this is most likely your issue. ISE will issue a CoA for the endpoint when it completes posture to trigger a re-auth. Why are you connecting and posturing clients on an MX? This should really be done from an MS.
https://www.youtube.com/watch?v=w3bLEI6dUIo&t=5s
11-03-2022 06:30 AM - edited 11-03-2022 06:31 AM
Why change VLANs at all? Also, I believe the MX also does not support CoA so this is most likely your issue. ISE will issue a CoA for the endpoint when it completes posture to trigger a re-auth. Why are you connecting and posturing clients on an MX? This should really be done from an MS.
https://www.youtube.com/watch?v=w3bLEI6dUIo&t=5s
11-03-2022 08:19 AM
Thanks for the reply, and the links. We have 600+ remote offices where an MX would fit as an integrated services device. Not being able to change vlans depending on client type is a bit of a show stopper in this scenario.
11-03-2022 09:18 AM
Why not an MS? Do you not have PoE needs across these 600+ offices?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide