Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
824
Views
0
Helpful
0
Replies

Cisco 2960X Switch NAC with Pulse Secure

KayChan446250
Level 1
Level 1

‎06-18-2019 07:14 PM

We have deployed a network access control by using Pulse Secure & Juniper Switch.
Right now, we use the same Pulse Secure & working on Cisco Switch.

 

After several testing, we found register MAC PC can be assigned to authorize vlan.
Although fail / no response PC can be assigned to other vlan, it cannot be assigned to authorize vlan after we do MAC registration.

 

Could someone help to have a look?

 

 

----------------------------------------------------------

interface GigabitEthernet1/0/38
switchport access vlan 131
switchport mode access
authentication event fail action authorize vlan 23
authentication event server dead action authorize vlan 131
authentication event no-response action authorize vlan 23
authentication order mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate 60
mab
spanning-tree portfast
end

 

Result: Auth Fail 

----------------------------------------------------------

Interface: GigabitEthernet1/0/38
MAC Address: 6c2b.59e8.3a7c
IPv6 Address: Unknown
IPv4 Address: 172.16.26.136
User-Name: 6c2b59e83a7c
Status: Authorized
Domain: DATA
Oper host mode: single-host
Oper control dir: both
Session timeout: N/A
Restart timeout: N/A
Periodic Acct timeout: N/A
Session Uptime: 58083s
Common Session ID: C0A88306000000953F43D921
Acct Session ID: 0x0000006F
Handle: 0xFE00005F
Current Policy: POLICY_Gi1/0/38

Local Policies:
Service Template: GUEST_VLAN_Gi1/0/38 (priority 150)
Vlan Group: Vlan: 23

Method status list:
Method State

mab Stopped

----------------------------------------------------------

 

Result: Auth Success

----------------------------------------------------------

Interface: GigabitEthernet2/0/2
MAC Address: 6c2b.59e1.15b8
IPv6 Address: Unknown
IPv4 Address: 192.168.131.52
User-Name: 6c2b59e115b8
Status: Authorized
Domain: DATA
Oper host mode: single-host
Oper control dir: both
Session timeout: 3600s (local), Remaining: 996s
Timeout action: Reauthenticate
Restart timeout: N/A
Periodic Acct timeout: N/A
Session Uptime: 2613s
Common Session ID: C0A883060000007A39BFB261
Acct Session ID: 0x00000054
Handle: 0x8000004D
Current Policy: POLICY_Gi2/0/2

Local Policies:
Service Template: DEFAULT_LINKSEC_POLICY_SHOULD_SECURE (priority 150)

Server Policies:

Method status list:
Method State

mab Authc Success

 

1 person had this problem
Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card