Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
497
Views
0
Helpful
1
Replies

Fallback to Dot1x Auth After Circtical Voice Vlan Failover

phillip.vansickle
Level 1
Level 1

‎11-21-2014 01:05 PM - edited ‎03-10-2019 10:12 PM

Here's the scenario...

Switch is setup for .1x authentication...loses contact with ISE servers...

Fallback to critical VoIP/Data Vlan...that works great...

However, when contact with ISE is re-established, the switch does not seem to want to roll back?

 

How do I make this happen?

Port config below:

interface GigabitEthernet1/0/1
 switchport access vlan 85
 switchport mode access
 switchport voice vlan 685
 authentication event server dead action reinitialize vlan 85
 authentication event server dead action authorize voice
 authentication event server alive action reinitialize
 authentication host-mode multi-domain
 authentication port-control auto
 authentication periodic
 authentication violation restrict
 mab
 dot1x pae authenticator
 dot1x timeout tx-period 10
 spanning-tree portfast

 

 

Thanks, 

 

Phill

 

Labels:
0 Helpful
1 Reply 1

nspasov
Cisco Employee
Cisco Employee

‎11-23-2014 02:50 PM

A couple of questions:

1. Have you confirmed that the ISE server is marked as "Alive/UP" in the switch? You can check that with the following command "show aaa servers"

2. Can you post the radius related configs

 

Thank you for rating helpful posts!

Thank you for rating helpful posts!
0 Helpful
Customers Also Viewed These Support Documents