Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1564
Views
0
Helpful
2
Replies

3850 Radius Authentication with ISE

joe.schmitt
Level 1
Level 1

‎09-02-2016 08:17 AM - edited ‎03-08-2019 07:17 AM

I am working on a proof of concept to do wired authentication on access-level switches using ISE 2.1.  I am working with a 3850 in the lab and despite my best efforts, I am not able to see the switch in my network devices list in ISE.  Here are my applicable sections from the switch's config:


aaa new-model
!
!
aaa authentication dot1x default group ise-test
aaa authorization network default group ise-test
aaa authorization auth-proxy default group ise-test
aaa accounting update periodic 5
aaa accounting identity default start-stop group ise-test
!
snmp-server community ise-community RO
radius-server attribute 6 on-for-login-auth
radius-server attribute 8 include-in-access-req
radius-server attribute 25 access-request include
radius-server dead-criteria time 30 tries 3
!
radius server ise-test
address ipv4 10.1.3.12 auth-port 1812 acct-port 1813
pac key 7 key

What am I missing?

1 person had this problem
Labels:
0 Helpful
2 Replies 2

egodalisse
Level 1
Level 1

‎01-31-2017 12:06 PM

3850 is different from 3750 when it comes to dot1x.

you now need to have your authentication events/actions defined in class-map referenced with a service policy attached to the user port.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card