After I have setted every policy on the switch and everything is working fine through an ISE authentification via dot1x, now server cannot reach its gateway in order to give IP DHCP addresses to the hosts on VLANs!
- Are you talking about an issue on the DHCP server here (or the dhcp-client) ?
M.
-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? ' When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
NAC doesn't interfere with DHCP. All the usual rule still apply. Not sure what you're asking really. Ensure that NAC authorized endpoints are not getting a dACL that blocks DHCP. And then of course (as usual) ensure that the access switch allows DHCP on the uplinks that go upstream towards the DHCP server.
When asking a question about why something doesn’t work, how can we possibly answer that question without seeing your config?
If you can't ping the DHCP server that is on the same subnet as ISE, then perhaps it's a Windows device that doesn't respond to ping. Can anything else ping the server?
What have you tried so far?
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
