Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
569
Views
0
Helpful
2
Replies

Switch interface configuration for ISE dot1x while the windows 7 endpoint in VM

Go to solution
netquestfun
Level 1
Level 1

‎10-19-2017 06:33 AM

Hi Expertz,

I have my ISE and windows 7 endpoint deployed in the same ESXI server, and both are connected to a same switch in the same subnet. The Server connects to switch ports (g1/0/10 and g1/0/11). So now, Which switch port should i configure dot1x commands to test wired dot.x access for this windows 7 endpoint. When i configured dot1x commands on g1/0/10 and/or g1/0/11, ports go down and i lose access to ESXI server. Pls suggest

Thanks,
Raj

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎10-19-2017 07:21 AM

Just to keep things simple you should make sure you have a separate network for your window client.

They should be on separate VLANs.

You would map your windows VM through a dedicated NIC to your switch port and map physical status through to your client. The switch port that is directly mapped would be the only port you would configure dot1 on.

Make sure you are connecting to your ESXI host and VM using the console (not an RDP session as it would be dropped). This connection would be on a different network or switch port so that you don’t take down connectivity

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎10-19-2017 07:21 AM

Just to keep things simple you should make sure you have a separate network for your window client.

They should be on separate VLANs.

You would map your windows VM through a dedicated NIC to your switch port and map physical status through to your client. The switch port that is directly mapped would be the only port you would configure dot1 on.

Make sure you are connecting to your ESXI host and VM using the console (not an RDP session as it would be dropped). This connection would be on a different network or switch port so that you don’t take down connectivity

0 Helpful

Go to solution
paul
Level 10
Level 10

‎10-19-2017 08:10 AM

If you are using open mode with no PreAuth ACL you shouldn't lose any connectivity and be able to test whatever you want. 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents