03-23-2025 05:43 PM
Hi,
There are two types of assignment of SGT : dynamic and static.
Static assignment, ISE will use SXP to inform switch.
How about dynamic (user use 801.x for auth)? Will ISE use SXP or not?
03-23-2025 09:27 PM
What is your deployment ?? ISE has any PxGrid integration??ISE can SGT info even for 802.1x users.
03-23-2025 09:34 PM
I mean when user authenticate using 802.1x will ISE use SXP to inform switch? Or only radius auth no SXP
03-23-2025 10:06 PM
802.1x is an authentication protocol only. it has no relation with SXP.
ISE uses Trustsec/SXP service to inform switches on the SGT tags. Check below doc - https://www.lookingpoint.com/blog/cisco-ise-trustsec-propagation
03-23-2025 10:40 PM
The link you sent to me mention for dynamic SGT assignment, ISE will use Radius authorization to tell the switch about SGT, not using SXP
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community
