
Network Device and Endpoints are not showing up on the ISE GUI

CasualUser01
Level 1

Hello everyone,

 

I am currently deploying Cisco ISE and already facing a few problems. The Cisco ISE and the authenticator switch are in the same VLAN, but somehow I can't see the switch on the ISE GUI. Same with the connected endpoints on the switch. I'm using the Cisco Catalyst 2960-X with the Cisco IOS 15.2.2E8bin. I will attach some screenshots of my switch config for the communication with the ISE server. I can't even see any logs if I go to the live section on the GUI. Could one reason be that I haven't configured a DNS name yet for the ISE server, or is that not necessary? I hope someone can help me out, it's getting fairly frustrating.

 

 

PS:

I also can't get rid of the "authentication open" config on the switch ports. I once enabled them but couldn't find a command that deactivates it.


@CasualUser01 right but that doesn't confirm whether you've enabled 802.1X globally using that command I provided.

If you copied and pasted those commands above, then you probably haven't enabled 802.1X globally.

Oh yeah, I think that I just enabled it for the 12-port range that I defined. I didn't need all the 24 ports; do you think it would make a difference if I enable dot1x globally? Because it should be a very easy configuration for the device to show up in the ISE GUI, but somehow it doesn't work. I used a 2960-S switch before that and I couldn't implement it either.

@CasualUser01 it's not optional, it's a requirement - so yes it will make a difference.

You must enable 802.1X globally, not just under the interface.

 

This section is from the guide I previously supplied.

 

Enable 802.1X globally on the switch, use the dot1x system-auth-control command in global configuration mode.

c9300-Sw(config)#dot1x system-auth-control

 https://community.cisco.com/t5/security-documents/ise-secure-wired-access-prescriptive-deployment-guide/ta-p/3641515

 

Oh OK, my bad. When I'm at the office again I will enable it globally and then look again to see if it solves the problem. Thank you for taking the time to help me out, hopefully it will work.

Oh, I actually looked into the 2960-S switch config which I had configured before the 2960-X, and there I used the command dot1x system-auth-control, but it was also not visible in the GUI. I think there is something else which I have not discovered yet why it does not work.

Hi Rob,

 

I enabled dot1x globally and then restarted the ISE services. The device still does not show up and authentications are not being sent to the ISE server. If I do show aaa servers I get this:

SWCGN1ACST006#sh aaa servers

RADIUS: id 1, priority 1, host x.x.x.x, auth-port 1812, acct-port 1813
State: current UP, duration 148428s, previous duration 0s
Dead: total time 0s, count 0
Quarantined: No
Authen: request 0, timeouts 0, failover 0, retransmission 0
Response: accept 0, reject 0, challenge 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Throttled: transaction 0, timeout 0, failure 0
Author: request 6, timeouts 0, failover 0, retransmission 0
Response: accept 0, reject 6, challenge 0
Response: unexpected 0, server error 0, incorrect 0, time 13ms
Transaction: success 6, failure 0
Throttled: transaction 0, timeout 0, failure 0
Account: request 0, timeouts 0, failover 0, retransmission 0
Request: start 0, interim 0, stop 0
Response: start 0, interim 0, stop 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Throttled: transaction 0, timeout 0, failure 0
Elapsed time since counters last cleared: 1d17h13m
Estimated Outstanding Access Transactions: 0
Estimated Outstanding Accounting Transactions: 0
Estimated Throttled Access Transactions: 0
Estimated Throttled Accounting Transactions: 0
Maximum Throttled Transactions: access 0, accounting 0
Requests per minute past 24 hours:
high - 17 hours, 13 minutes ago: 0
low - 17 hours, 13 minutes ago: 0
average: 0

 

And here is also the sh authentication sessions command on the switch:

SWCGN1ACST006#sh authentication sessions

Interface MAC Address Method Domain Status Fg Session ID
Gi1/0/3 c018.0359.7f45 N/A UNKNOWN Unauth 0A0116060000002408D54615

Session count = 1

Key to Session Events Blocked Status Flags:

A - Applying Policy (multi-line status for details)
D - Awaiting Deletion
F - Final Removal in progress
I - Awaiting IIF ID allocation
N - Waiting for AAA to come up
P - Pushed Session
R - Removing User Profile (multi-line status for details)
U - Applying User Profile (multi-line status for details)
X - Unknown Blocker

 

However, now I get the message that dot1x auth fails, but it does not authorize the critical VLAN:

Apr 11 06:55:38.316: %DOT1X-5-FAIL: Authentication failed for client (c018.0359.7f45) on Interface Gi1/0/3 AuditSessionID 0A0116060000002408D54615
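
Added example (not part of any post in this thread): a small Python parser for the `show aaa servers` output pasted above. It extracts the per-server counters and flags the two conditions visible in that paste, namely zero authentication requests while the server is marked UP, and every authorization request rejected. The function names and the two checks are assumptions chosen for illustration, and the sample is a constructed subset of the posted output.

```python
import re

# Constructed sample: a subset of the `show aaa servers` output posted in the thread.
SAMPLE = """\
RADIUS: id 1, priority 1, host x.x.x.x, auth-port 1812, acct-port 1813
State: current UP, duration 148428s, previous duration 0s
Authen: request 0, timeouts 0, failover 0, retransmission 0
Response: accept 0, reject 0, challenge 0
Author: request 6, timeouts 0, failover 0, retransmission 0
Response: accept 0, reject 6, challenge 0
Account: request 0, timeouts 0, failover 0, retransmission 0
Response: start 0, interim 0, stop 0
"""

SECTIONS = ("Authen", "Author", "Account")
PAIR = re.compile(r"([A-Za-z-]+) (\d+)")  # "request 6", "reject 6", ...

def parse_aaa_servers(text):
    """Return one dict per RADIUS server with its state and per-section counters."""
    servers, cur, section = [], None, None
    for line in text.splitlines():
        label, _, rest = line.strip().partition(":")
        if label == "RADIUS":  # start of a new server block
            host = re.search(r"host (\S+?),", rest)
            cur = {"host": host.group(1) if host else None, "state": None}
            servers.append(cur)
            section = None
        elif cur is None:
            continue  # ignore anything before the first server block
        elif label == "State":
            m = re.search(r"current (\w+)", rest)
            cur["state"] = m.group(1) if m else None
        elif label in SECTIONS:
            section = label
            cur[section] = {k: int(v) for k, v in PAIR.findall(rest)}
        elif label == "Response" and section:  # belongs to the last section seen
            cur[section].update({k: int(v) for k, v in PAIR.findall(rest)})
    return servers

def findings(server):
    """Hypothetical checks: turn raw counters into what is otherwise read off by eye."""
    out = []
    authen, author = server.get("Authen", {}), server.get("Author", {})
    if server["state"] == "UP" and authen.get("request", 0) == 0:
        out.append("server marked UP but no authentication requests sent")
    if author.get("request", 0) and author.get("reject") == author.get("request"):
        out.append("every authorization request was rejected")
    return out
```

Calling `findings(parse_aaa_servers(SAMPLE)[0])` returns both messages for the counters shown in the thread; the full pasted output can be passed in unchanged, since unrecognised lines are skipped.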