05-06-2025 06:27 AM
Hello everyone, I am trying to configure my switch so everyone who has an account on my AD can log in using the ISE authentication server, and here is the configuration on one switch:
SW-IDF-1F-B#sh conf
Using 13014 out of 2097152 bytes
!
! Last configuration change at 08:05:55 UTC Wed Apr 23 2025 by network-admin
!
version 17.6
service timestamps debug datetime msec
service timestamps log datetime msec
service call-home
platform punt-keepalive disable-kernel-core
!
hostname SW-IDF-1F-B
!
!
vrf definition Mgmt-vrf
 !
 address-family ipv4
 exit-address-family
 !
 address-family ipv6
 exit-address-family
!
enable secret 9 $14$LbzO$KVPsG.r1hOuhVU$CPhnWwZBh1UUt.LqGCcVGD2nBT429VxntrxplR1mx8s
!
!
!
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local
!
!
!
!
!
aaa server radius dynamic-author
!
aaa session-id common
switch 1 provision c9200l-48p-4x
!
!
!
!
!
!
!
!
!
!
no ip domain lookup
ip domain name ICESCO.LAN
!
!
!
login on-success log
!
crypto pki trustpoint SLA-TrustPoint
 enrollment pkcs12
 revocation-check crl
!
crypto pki trustpoint TP-self-signed-3252691763
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3252691763
 revocation-check none
 rsakeypair TP-self-signed-3252691763
!
!
crypto pki certificate chain SLA-TrustPoint
 certificate ca 01 nvram:CiscoLicensi#1CA.cer
crypto pki certificate chain TP-self-signed-3252691763
 certificate self-signed 01 nvram:IOS-Self-Sig#2.cer
!
license boot level network-essentials addon dna-essentials
!
!
diagnostic bootup level minimal
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
memory free low-watermark processor 10633
!
username o.abdelalim privilege 15 secret 9 $14$uu1e$k3DyyIlwzwtkyk$ABFm8z6y.LsVrGimcW.fUlRU.BX24e8uJKzYWtAd/T6
username network-admin privilege 15 secret 9 $9$bW2TAR.6QG4vC.$F70n8HMOahFIoZjkpSI40Swk717N4s4thn3CoLtDmEU
username cisco privilege 15 secret 9 $9$3/MI2F6M2/II2E$Ol78zc2augvgNh.tZHV3eTLzgic22cLzKKvSLL3pndY
!
redundancy
 mode sso
!
!
transceiver type all
 monitoring
lldp run
!
!
class-map match-any system-cpp-police-ewlc-control
 description EWLC Control
class-map match-any system-cpp-police-topology-control
 description Topology control
class-map match-any system-cpp-police-sw-forward
 description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic
class-map match-any system-cpp-default
 description EWLC data, Inter FED Traffic
class-map match-any system-cpp-police-sys-data
 description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed
class-map match-any system-cpp-police-punt-webauth
 description Punt Webauth
class-map match-any system-cpp-police-l2lvx-control
 description L2 LVX control packets
class-map match-any system-cpp-police-forus
 description Forus Address resolution and Forus traffic
class-map match-any system-cpp-police-multicast-end-station
 description MCAST END STATION
class-map match-any system-cpp-police-high-rate-app
 description High Rate Applications
class-map match-any system-cpp-police-multicast
 description MCAST Data
class-map match-any system-cpp-police-l2-control
 description L2 control
class-map match-any system-cpp-police-dot1x-auth
 description DOT1X Auth
class-map match-any system-cpp-police-data
 description ICMP redirect, ICMP_GEN and BROADCAST
class-map match-any system-cpp-police-stackwise-virt-control
 description Stackwise Virtual OOB
class-map match-any non-client-nrt-class
class-map match-any system-cpp-police-routing-control
 description Routing control and Low Latency
class-map match-any system-cpp-police-protocol-snooping
 description Protocol snooping
class-map match-any system-cpp-police-dhcp-snooping
 description DHCP snooping
class-map match-any system-cpp-police-ios-routing
 description L2 control, Topology control, Routing control, Low Latency
class-map match-any system-cpp-police-system-critical
 description System Critical and Gold Pkt
class-map match-any system-cpp-police-ios-feature
 description ICMPGEN,BROADCAST,ICMP,L2LVXCntrl,ProtoSnoop,PuntWebauth,MCASTData,Transit,DOT1XAuth,Swfwd,LOGGING,L2LVXData,ForusTraffic,ForusARP,McastEndStn,Openflow,Exception,EGRExcption,NflSampled,RpfFailed
!
policy-map system-cpp-policy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
 vrf forwarding Mgmt-vrf
 no ip address
 shutdown
!
interface GigabitEthernet1/0/1
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/2
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/3
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/4
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/5
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/6
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/7
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/8
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/9
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/10
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/11
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/12
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/13
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/14
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/15
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/16
 description Non-Arabic
 switchport access vlan 110
 switchport trunk native vlan 201
 switchport mode access
 switchport nonegotiate
!
interface GigabitEthernet1/0/17
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/18
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/19
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/20
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/21
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/22
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/23
 description Non-Arabic
 switchport access vlan 110
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/24
 description DT
 switchport access vlan 122
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/25
 description DT
 switchport access vlan 122
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/26
 description DT
 switchport access vlan 122
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/27
 description DT
 switchport access vlan 122
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/28
 description DT
 switchport access vlan 122
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/29
 description DT
 switchport access vlan 122
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/30
 description DT
 switchport access vlan 122
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/31
 description DT
 switchport access vlan 122
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/32
 description DT
 switchport access vlan 122
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/33
 description DT
 switchport access vlan 122
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/34
 description DT
 switchport access vlan 122
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/35
 description DT
 switchport access vlan 122
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/36
 description DT
 switchport access vlan 122
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/37
 description DT
 switchport access vlan 122
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/38
 description DT
 switchport access vlan 122
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/39
 description DT
 switchport access vlan 122
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/40
 description DT
 switchport access vlan 122
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/41
 description DT
 switchport access vlan 122
 switchport mode access
 switchport voice vlan 150
 spanning-tree portfast
!
interface GigabitEthernet1/0/42
 description DT
 switchport access vlan 122
 switchport trunk native vlan 200
 switchport mode access
 switchport nonegotiate
!
interface GigabitEthernet1/0/43
 description VLAN-PRINTER
 switchport access vlan 210
 switchport trunk native vlan 200
 switchport mode access
 switchport nonegotiate
!
interface GigabitEthernet1/0/44
 description VLAN-PRINTER
 switchport access vlan 210
 switchport trunk native vlan 201
 switchport mode access
 switchport nonegotiate
!
interface GigabitEthernet1/0/45
 description VLAN-PRINTER
 switchport access vlan 210
 switchport mode access
!
interface GigabitEthernet1/0/46
 description VLAN-AP
 switchport trunk native vlan 201
 switchport mode trunk
 switchport nonegotiate
!
interface GigabitEthernet1/0/47
 description VLAN-AP
 switchport trunk native vlan 201
 switchport mode trunk
 switchport nonegotiate
!
interface GigabitEthernet1/0/48
 description VLAN-AP
 switchport trunk native vlan 201
 switchport mode trunk
 switchport nonegotiate
!
interface TenGigabitEthernet1/1/1
 description UPLINK
 switchport mode trunk
 switchport nonegotiate
!
interface TenGigabitEthernet1/1/2
 description UPLINK
 switchport mode trunk
 switchport nonegotiate
!
interface TenGigabitEthernet1/1/3
 description UPLINK
 switchport mode trunk
 switchport nonegotiate
!
interface TenGigabitEthernet1/1/4
 description UPLINK
 switchport mode trunk
 switchport nonegotiate
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan24
 ip address 172.24.24.41 255.255.255.0
!
ip default-gateway 172.24.24.254
ip forward-protocol nd
no ip http server
ip http authentication local
ip http secure-server
!
!
logging host 10.1.13.71 transport udp port 8516
!
snmp-server community IcE$c0!2022 RO
snmp-server community ICESCO RW
snmp-server host 10.1.10.215 version 2c IcE$c0!2022
!
!
!
control-plane
 service-policy input system-cpp-policy
!
!
line con 0
 logging synchronous
 stopbits 1
line aux 0
line vty 0 4
 logging synchronous
 transport input ssh
line vty 5 15
 logging synchronous
 transport input ssh
!
ntp server 10.1.10.107
call-home
 ! If contact email address in call-home is configured as sch-smart-licensing@cisco.com
 ! the email address configured in Cisco Smart License Portal will be used as contact email address to send SCH notifications.
 contact-email-addr sch-smart-licensing@cisco.com
 profile "CiscoTAC-1"
  active
  destination transport-method http
!
!
!
!
!
!
end
05-06-2025 09:25 AM
- Your configuration is missing many items for that to work; have a look at:
https://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_sw_cnfg.pdf
M.
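The posted configuration has only local AAA method lists, no RADIUS server definition, and an empty `aaa server radius dynamic-author` block. The following is an added example, not taken from the thread or from the linked guide, of the switch-side pieces an ISE-backed 802.1X setup needs. It assumes the question is about wired 802.1X access and that the legacy `authentication` interface commands are in use; the ISE address 192.0.2.10, the names ISE-1 and ISE-GROUP, and `<SHARED-SECRET>` are placeholders.

```ios
! Added example. 192.0.2.10, ISE-1, ISE-GROUP and <SHARED-SECRET> are placeholders.
radius server ISE-1
 address ipv4 192.0.2.10 auth-port 1812 acct-port 1813
 key <SHARED-SECRET>
!
aaa group server radius ISE-GROUP
 server name ISE-1
!
! The existing local method lists for switch login stay as posted;
! these add the 802.1X / network method lists that point at ISE.
aaa authentication dot1x default group ISE-GROUP
aaa authorization network default group ISE-GROUP
aaa accounting dot1x default start-stop group ISE-GROUP
!
! The posted dynamic-author block is empty; CoA needs ISE listed as a client.
aaa server radius dynamic-author
 client 192.0.2.10 server-key <SHARED-SECRET>
!
! Source RADIUS from the management SVI so it matches the device entry in ISE.
ip radius source-interface Vlan24
radius-server attribute 6 on-for-login-auth
radius-server attribute 8 include-in-access-req
radius-server attribute 25 access-request include
!
! Enable 802.1X globally.
dot1x system-auth-control
!
! Start with one access port in open (monitor) mode: sessions are
! authenticated and logged, but a failure does not block the port.
interface GigabitEthernet1/0/1
 authentication host-mode multi-domain
 authentication order dot1x mab
 authentication priority dot1x mab
 authentication open
 authentication port-control auto
 mab
 dot1x pae authenticator
```

`show access-session interface GigabitEthernet1/0/1 details` shows whether the session reached ISE and which method succeeded; remove `authentication open` only after that output looks right for real endpoints.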