cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
872
Views
0
Helpful
4
Replies

ISE Authentication issue

rahul.k1
Level 1
Level 1

 

Hi Team,

 

Our team have been using LDAP instead of Active Directory

  • They are evaluating ISE but, using ISE with LDAP is not getting dot1x authentication
  • ISE is getting logs for the switch 2960-x and tested the MAB authentication

 What is the reason that when the dot1x is enabled, ISE does not receive the  logs for the same ?

 How do I enable 801.1x authentication in endpoints that are connected to an LDAP server ?

4 Replies 4

can you share config ?

balaji.bandi
Hall of Fame
Hall of Fame

 

what LDAP , Open LDAP ?

 

May be you need to follow troubleshoot tips and provide logs :

 

https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/216190-configure-and-troubleshoot-ise-with-exte.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Marvin Rhoads
Hall of Fame
Hall of Fame

802.1x used by endpoints and the backend authentication server used by ISE are completely separate elements. 802.1x is endpoint to network access device (NAD), RADIUS is NAD to ISE and LDAP is ISE to authentication server(s).

Is the LDAP server connected and tested/validated on the ISE side? Is your ISE Authorization condition(s) that the NADs (i.e.  switches or WLC) are configured to use checking for the endpoint LDAP attributes required to grant network access?

Greg Gibbs
Cisco Employee
Cisco Employee