06-16-2017 12:19 AM
Hi All,
We have issue on ISE deployment after apply enforcement mode in switchport for LAN user.
First issue
Authentication for dot1x and MAB fail directly without any timeout, it recover back to MAB without any troubleshooting done.
Second issue
After recover to MAB passed, the reauth timer for the MAB device (printer HP M602) will be every 1 minutes.
Means every single minutes we will saw the report is dot1x failed, mab passed (as our priority to dot1x in all switchport).
Perform port bounce but still facing same issue, we are now focus on second issue to avoid multiple failure on report, and minimize authentication latency happen in short period.
Please advise.
Solved! Go to Solution.
06-20-2017 06:43 AM
It sound like you have a low reauth value on the switch port or configured as part of the authorization result set to a low value. Please see the universal switch configuration for recommendations on how switch ports sound be configured.
How To: Universal IOS Switch Config for ISE
Regards,
-Tim
06-20-2017 06:43 AM
It sound like you have a low reauth value on the switch port or configured as part of the authorization result set to a low value. Please see the universal switch configuration for recommendations on how switch ports sound be configured.
How To: Universal IOS Switch Config for ISE
Regards,
-Tim
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide