01-02-2019 09:11 PM
Hi everyone,
I am implementing Cisco ISE 2.4 in LAB environment with a 2960S switch. I am trying to apply a default ACL on access ports to allow DNS and DC access before dot1x authentication. Unfortunately, the existing image does not support port-based ACLs. Does anyone know which IOS image should I use for this switch to implement dot1X with Cisco ISE?
Existing image is: c2960s-universalk9-mz.152-2.E9.bin
Any help in this regard is highly appreciated.
Thanks,
Kevin
Solved! Go to Solution.
01-02-2019 10:47 PM
01-02-2019 10:36 PM
Hi , i don't understand what mean does not support ,share please with us some port configuration .
01-02-2019 10:47 PM
01-02-2019 10:52 PM
@Damien MillerI think you are right i don't have problems with mine 2960
Model number : WS-C2960X-48FPS-L
Feature: lanbase
Period left: Life time
License Type: Permanent
License State: Active, In Use
License Priority: Medium
License Count: Non-Counted
This is mine switch and i have no problem with it
01-03-2019 08:58 AM
Thanks Damien,
Do you know which IOS image can I use to resolve this issue?
01-03-2019 09:03 AM
01-03-2019 10:46 AM
Great, Thank you very much.
01-03-2019 12:00 AM
01-03-2019 07:01 AM - edited 01-03-2019 07:04 AM
When I run ip access-group command, it says this image does not support port-based ACLs. I will attach the output of show license tonight since I don't have access to it now.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide