04-03-2021 05:12 AM - edited 04-03-2021 05:17 AM
Hi Guys,
After read some Cisco documentation, I have questions for you about the relation between 802.1x and DACL.
If I want to push DACL on a Cisco Switch from ISE node, do I need to enable 802.1x command on the switch ?
In fact, I'm asking me which command is pre-requisite for enable DACL on Cisco switch ?
I know that the command ip device tracking is needed.
But do I need to run these commands :
If someone can explain me which commands are a pre-requisite and which commands are optional and why ?
Regards.
Solved! Go to Solution.
04-03-2021 08:15 PM
Hi
dACLs are being pushed by ISE following an authorization. This means you can have dACL for a VPN authorization, switch 802.1x authorization… In any ways, you will need to have an authorization going on.
All commands you mentioned are for 802.1x authentication.
A good site to show what are all commands for for your knowledge: http://www.network-node.com/blog/2015/12/30/switch-configuration-for-dot1x
04-03-2021 08:15 PM
Hi
dACLs are being pushed by ISE following an authorization. This means you can have dACL for a VPN authorization, switch 802.1x authorization… In any ways, you will need to have an authorization going on.
All commands you mentioned are for 802.1x authentication.
A good site to show what are all commands for for your knowledge: http://www.network-node.com/blog/2015/12/30/switch-configuration-for-dot1x
04-14-2021 05:35 AM
Thank Francesco for your reply ^^.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide