Re: Dot1x authentification failed (Cisco IOL L3 - Cisco ISE (RADIUS))

Jason2005 · ‎05-11-2024

So basically I have this problem I have setted policies for Dot1x and MAB on both Cisco IOL L3 (version 15) and Cisco ISE (RADIUS Server) but client do authentificate only with the default method which is MAB (I did set an order for methods on Switch, see full Switch IOL Configuration in images below).

Can anyone guide me!

@dot1x

Troubleshoot Dot1x and Radius in IOS and IOS-XE

authentification host-mode multi-auth

catalyst switch での AAA / Dot1X / MAB に関連する問題が発生した際に取得するログ

Troubleshoot Wired Dot1x Issues in ISE 3.2 and Windows

MHM Cisco World · ‎05-11-2024

If you run

Debug dot1x

Debug radius

And you dont get anything

Then it issue of CML not issue of config

To be honest I never see one success use dot1x in CML eve-ng or gns3

MHM

Jason2005 · ‎05-11-2024

Debug radius command is giving me the below output!

@MHM Cisco World

MHM Cisco World · ‎05-11-2024

This meaning that radius debug is ON

When you try access via endpoint do you see any debug ?

MHM

Jason2005 · ‎05-11-2024

now switch is showing me the below outputs :

@MHM Cisco World

MHM Cisco World · ‎05-11-2024

That good ghe dot1x magically work.

What issue you see'

Do

Show authentication interface session

Check the status of endpoint authc and authz

MHM

Jason2005 · ‎05-11-2024

yeah everything working fine now

but I'm running into another DHCP problem, server could not reach its Gateway and could not give IPs to hosts!

MHM Cisco World · ‎05-11-2024

Can I see

Show authentication session of this interface

MHM