Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
963
Views
0
Helpful
1
Replies

WS-C2960L-24PS-LL switches and IBNS 2

rayyaanfayker0006
Level 1
Level 1

‎07-24-2020 05:02 AM

Hi

 

i currently have some WS-C2960L-24PS-LL series switches in our environment and accordingly to Cisco switches with IOS 15.2(5)E and up can run IBNS 2. The weird part is that all the global commands gets accepted but the interface commands doesnt. note we have 2960x series switches and i dont have any issue with IBNS2 interface commands. 

the commands i am trying to paste on the interface 

authentication periodic
authentication timer reauthenticate server
access-session port-control auto
mab
dot1x pae authenticator
dot1x timeout tx-period 7
spanning-tree portfast
service-policy type control subscriber DOT1X-CONFIG Ithe interface does take this command)
spanning-tree portfast

 

switch version: 152-7.E2

 

i dont really want to go back to IBNS1 but as it looks it seems that i going to have to. anyelse have this issue? 

 

0 Helpful
1 Reply 1

Greg Gibbs
Cisco Employee
Cisco Employee

‎07-26-2020 04:02 PM

First off, the IBNS 2.0 interface settings require the port to be in Access mode. Be sure you have configured 'switchport mode access' before trying to configure the IBNS settings.

Secondly, most of those configuration settings should be configured in an interface template and the interface configuration should use that source template. This will greatly reduce the amount of per-interface configuration. See the ISE Secure Wired Access Prescriptive Deployment Guide for more information and current best-practice examples.

0 Helpful
Customers Also Viewed These Support Documents