Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation

Who Me Too'd this topic

ISE 2.7 with Dot1x and Tacacs+

Desmond Lee
Level 1
Level 1

‎11-23-2020 09:56 AM

Hi, I am need to implement Dot1X and use Tacacs+ at the same time with a single machine ISE (version 2.7).  
Dot1x may need Radius, so it is possible for ISE to act as both Radius and Tacacs+ server with the same IP address? (highlighted in red below)

 

Sample partial configuration of my switch:

 

aaa new-model

!

aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authentication dot1x default group radius local  // or can I change the keyword "radius" to "tacacs+" instead ?

!

dot1x system-auth-control
dot1x critical eapol

!

tacacs-server host 10.10.10.1 key 7 xxxxxxxxxx
radius-server host 10.10.10.1 key 7 xxxxxxxxxx

 

Thanks !

Desmond

1 person had this problem
0 Helpful
Who Me Too'd this topic