Solved: Re: Cisco ISE - Switchport Authentication with 802.1x and Virtual Machine

charlesjparker · ‎07-18-2019

We have a computer that is authenticating using 802.1x on a port. The computer/host is running VMWare Workstation that has a Windows 10 virtual machine running.

The port is set for multi-auth mode, and the host authenticates fine using 802.1x. The VM never shows up as authenticating when running the show authentication sessions command for the interface.

The host experiences significant connectivity issues with the configuration. As a result, we are thinking the best option is to just use authentication open.

Any input would be appreciated.

Surendra · ‎07-18-2019

As long as the switch does not see that VNIC MAC address, there won’t be any session initiated. If the EAPoL requested by VM reaches the Switch with the source of the Physical NIC, then you will see those connection issues. This depends on your VM NIC configuration. Take a packet capture on the Physical NIC and Virtual NIC and see if the packets from the VNIC are going out with the VNIC MAC as the source or the Physical NIC as the source. It also probably depends on how the traffic is routed, like NATed/bridged etc.

View solution in original post

Surendra · ‎07-18-2019

As long as the switch does not see that VNIC MAC address, there won’t be any session initiated. If the EAPoL requested by VM reaches the Switch with the source of the Physical NIC, then you will see those connection issues. This depends on your VM NIC configuration. Take a packet capture on the Physical NIC and Virtual NIC and see if the packets from the VNIC are going out with the VNIC MAC as the source or the Physical NIC as the source. It also probably depends on how the traffic is routed, like NATed/bridged etc.