12-12-2022 12:31 PM
Hello,
Has anyone successfully integrated a C1000-8T-2G-L with Cisco ISE using dot1x and DACL support? The C1000 has the latest software image (15.2.7E7).
We have found a strange issue that if the authorization profile has a DACL set the user port fails to pass dot1x authentication. Even if the DACL is just a permit any it still fails. When we set the authorization profile with just a VLAN and no DACL then the user port authenticates successfully and the machine can get on the network. We are using the same authorization profile for 2960X, 3560CX, 3850 and 9300 switches and they work with DACLs but this is the 1st time we've added a C1000 on the LAN. MAB also works fine on the C1000.