ISE: dACL not overwriting pre auth ACL

K_L
Level 1

I am having an issue where some interfaces are having the pre auth ACL take precedence over the dACL. I can see the machines authenticating normally with dot1x. The dACL is being applied to the interface permitting traffic. Yet, the machine is having its traffic blocked by the pre auth ACL. When the pre-auth ACL is removed from the interface, they have proper access again. This doesn't seem to happen uniformly. Even within the same switch, some interfaces will be affected while others aren't. Has anyone seen this before?

1 Accepted Solution

hslai
Cisco Employee

ACL precedence depends on the network access devices. If you are using Cisco Catalyst switches, try the latest release of the train. If that does not help, engage Cisco TAC. If other devices, please contact their platform support team.

2 Replies

Thanks! Yes, these are all Cisco devices. I just had it happen again with a different switch. I'm going to open a TAC case.