Showing results for 
Search instead for 
Did you mean: 
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.


after enable 802.1x, the win7 client does not get a dhcp IP

Hi, we have a ACS 5.3 installation for 802.1x. The customer has winXP (SP3) and win7 clients.

Switch Types are Cat4506 and 3560G. The Switch configuartion looks like:


ip access-list extended PRE-AUTH

permit udp any any eq bootps

permit udp any any eq domain

permit ip any host

permit ip any host

deny   ip any any log


interface GigabitEthernet0/11

description * 802.1x Client *

switchport mode access

ip access-group PRE-AUTH in

authentication control-direction in

authentication event fail action next-method

authentication open

authentication order dot1x mab

authentication port-control auto

authentication violation restrict

authentication host-mode multi-auth


dot1x pae authenticator

dot1x timeout quiet-period 10

dot1x timeout tx-period 4

dot1x max-reauth-req 4

spanning-tree portfast


The winXP clients are ok, but the win7 clients starts with a PXE boot, but they dont get any DHCP IP.

We activated the term mon (debugging) command. see attched file.

Any hints or trobleshooting procedere?

Thanks Peter

Everyone's tags (8)