Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2275
Views
0
Helpful
7
Replies

Virtual Machines with ISE Issues

fogemarttt
Level 1
Level 1

‎05-18-2015 12:09 PM - edited ‎03-12-2019 05:46 PM

Hello All,

I have an Environment using Access Switch (Authenticator) with different Vlan for Access Point, Employee, Guest Users, Printers, IP Phone. this switch is connected to a router hosting vlan for Active Directory, WLC, and ISE.  ISE is a VM and I also have some VM (employee-PC, Contractor PC) on the same physical server. I am not able to authenticate and authorize VMs and user conected using Virtual Machine. 

 

Because the physical server hosting the VMs carry many VLAN, these port are a trunk port. Every time in Authentication Log, I get a Null error. 

I have try to replace the command : Authentication host-mode multi-auth with Authentication host mode multi-host without success. 

Please how is it possible to authenticate and authorize Virtual Machine Endpoint on ISE ??

 

 

1 person had this problem
Labels:
0 Helpful
7 Replies 7

jan.nielsen
Level 7
Level 7

‎05-18-2015 01:16 PM

Are you using VMWare ESX or Workstation ?

Are you using the same physical network card in your VMWare server for the ise and the clients ?

0 Helpful

fogemarttt
Level 1
Level 1
In response to jan.nielsen

‎05-19-2015 12:54 AM

hello Jan,

No. I am using VMWARE ESXI 5.1 and I have two vSwitch one for the data network(ise, ad, wlc etc..) and one for the access clients (printer, employee-pc, guest-pc etc.). It is working fine. each computer get the right address from the right dhcp pool. 

0 Helpful

jan.nielsen
Level 7
Level 7
In response to fogemarttt

‎05-19-2015 05:54 AM

What is the output of "show authentication session interface <port your esx client interface is connected to>" on your switch? Please do it while youre VM's are started and you are trying to authenticate them

0 Helpful

renateneike
Level 1
Level 1
In response to jan.nielsen

‎06-28-2018 06:00 AM

Hello,
is there a solution for this?
I have the same problem.

 

My Port-Configuration:

interface GigabitEthernet1/25
 description N.15
 switchport mode access
 switchport voice vlan 200
 speed 1000
 duplex full
 authentication event fail action next-method
 authentication host-mode multi-domain
 authentication order dot1x mab
 authentication priority dot1x mab
 authentication port-control auto
 authentication timer restart 30
 authentication violation restrict
 mab
 dot1x pae authenticator
 spanning-tree portfast edge
end

Best regards,
Renate

0 Helpful

renateneike
Level 1
Level 1

‎06-28-2018 10:23 PM

Hello,
is there a solution for this?
I have the same problem.

 

My Port-Configuration:

interface GigabitEthernet1/25
 description N.15
 switchport mode access
 switchport voice vlan 200
 speed 1000
 duplex full
 authentication event fail action next-method
 authentication host-mode multi-domain
 authentication order dot1x mab
 authentication priority dot1x mab
 authentication port-control auto
 authentication timer restart 30
 authentication violation restrict
 mab
 dot1x pae authenticator
 spanning-tree portfast edge
end

Best regards,
Renate

0 Helpful

Filip Po
Level 1
Level 1

‎06-29-2018 10:29 AM

Are you trying authenticate multiple hosts on the same one physical interface with switchport mode trunk configured on that interface?

And you trying to use multiple different dynamically assigned VLAN IDs to every host on that physical interface?

I bet you did not, because it will not work.

 

Take a look at this thread, it might help:

https://supportforums.cisco.com/discussion/11054926/8021x-multi-domain-multiple-workstation

 

Filip

0 Helpful

renateneike
Level 1
Level 1
In response to Filip Po

‎07-02-2018 06:26 AM

it works with

authentication host-mode multi-auth

 Thanks :)

0 Helpful
Customers Also Viewed These Support Documents