cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
443
Views
3
Helpful
7
Replies

Dot1x authentification failed (Cisco IOL L3 - Cisco ISE (RADIUS))

Jason2005
Level 1
Level 1

So basically I have this problem I have setted policies for Dot1x and MAB on both Cisco IOL L3 (version 15) and Cisco ISE (RADIUS Server) but client do authentificate only with the default method which is MAB (I did set an order for methods on Switch, see full Switch IOL Configuration in images below).

Can anyone guide me!

@dot1x 

Troubleshoot Dot1x and Radius in IOS and IOS-XE 

authentification host-mode multi-auth 

catalyst switch での AAA / Dot1X / MAB に関連する問題が発生した際に取得するログ 

Troubleshoot Wired Dot1x Issues in ISE 3.2 and Windows 

7 Replies 7

If you run

Debug dot1x

Debug radius 

And you dont get anything 

Then it issue of CML not issue of config

To be honest I never see one success use dot1x in CML eve-ng or gns3

MHM

Jason2005
Level 1
Level 1

 Debug radius command is giving me the below output!

@MHM Cisco World 

This meaning that radius debug is ON

When you try access via endpoint do you see any debug ?

MHM

Jason2005
Level 1
Level 1

now switch is showing me the below outputs :

@MHM Cisco World 

That good ghe dot1x magically work.

What issue you see' 

Do 

Show authentication interface session 

Check the status of endpoint authc and authz

MHM

Jason2005
Level 1
Level 1

yeah everything working fine now

but I'm running into another DHCP problem, server could not reach its Gateway and could not give IPs to hosts!

Can I see 

Show authentication session of this interface 

MHM

Review Cisco Networking for a $25 gift card