This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
a dedicated interface is used. I guess it's less complex and not consider any access switches. Drawback of course is, that one interface is "lost" :)
Thanks, I agree and one interface on the 6880's are quite a loss/expensive...
We do not have that but I have seen instability with not having that. We make use of the FEX's for dual-active detection, but that is not such a great idea, and now we do not have any open/spare interfaces for that purpose.
Would you mind sharing some of the gotcha's? We're running 15.1(2)SY6 on a 6880-X-LE.
The machine will get an auth success, then the user will get an auth success. We've verified that the switch is downloading the correct dACL from ISE and applying it to the port.
show authentication sessions interface <interface-id>
show ip access-list interface <interface-id>
Most of the resources are available but filing sharing is working sporadically. If the user logs out and then logs back in, the same dACL is applied to the port and all of the shares are visible to the user, which is not expected behavior.
The issue version appears to be meet the minimum requirements for ISE 2.1, but it is not the recommended code for the 6880's listed in the ISE 2.1 compatibility matrix guide. Did you experience this issue? Are there any reasons you deployed the ISE recommended version of the switch recommended version?
Hope your well.
Please need your help on below issue.
Everything working for two months than after more users added in that switch we got weird issue.
ISE is making problem on random ports using 6800 using Version 15.2(1)SY3.
we got almost 960 ports up in which 700 of them are using phones and pcs means dot1x needs to work for (700 x 2)+ 200 = 1600 DACL.
Kindly need your words on this
Sorry ... this question is kinda out-of-topic for this thread. Would you mind opening an own thread for this?
(Btw. more information would be good for the new topic. The provided information is not enough ["weird issue"]). But by the number of dACLs ... are you sure you're not running into TCAM issues?
But again - please open a new thread for this!