04-26-2022 08:11 AM
Hi all
I am configuring Dot1x with ISE on IOS XE switch (catalyst9300) with new-style set of commands.
The switch does not recognise some Switch ports commands and I don't with what I can replace them.
Here are the commands :
interface Gig1/03
authentication timer reauthenticate server
authentication periodic
mab
dot1x pae authenticator
dot1x timeout tx-period 10
access-session port-control auto
access-session host-mode multi-auth
Do you have an idea of which commands should I use instead ?
Thank you in advance.
Regards
04-26-2022 08:33 AM
- You are not exactly saying which particular commands are not working (?)
M.
04-27-2022 01:31 AM - edited 04-27-2022 01:31 AM
Hi marce1000,
Thank you for replying.
All the commands I've put don't work in the 9300 ctalyst IOS XE 16.09
04-26-2022 08:57 AM
These commands are typically used in the template that is attached to the port. But they also should work directly on the port.
Wild guess: Perhaps you have forgotten to enable dot1x globally?
dot1x system-auth-control
Without that command most of the interface config is not available.
04-27-2022 01:50 AM
07-12-2022 08:14 PM
I'm having the same issue as well. I was able to run the commands without any issues on other 9300 switches, except for this particular one. I've used the same configs as the others but for some reason, this one is giving me issues.
04-26-2022 12:50 PM
authentication display new-style <- do this command first.
""You can use this command to switch between legacy and C3PL display mode until you execute the first explicit Identity-Based Networking Services command. After you enter the first explicit Identity-Based Networking Services command, for example when configuring a control class or control policy, the system displays a prompt to confirm whether you want to continue because this command will be disabled and you cannot revert to legacy mode."" <- please NOTICE this mode can not revert to legacy mode
04-27-2022 01:51 AM
Hi,
Thank you for replying.
I am already in new-style mode. I cannot switch to legacy mode.
Regards
07-13-2022 07:03 AM
What is the current "SW# show run int gig 1/0/3" output? do you have that port already set to "switchport mode access" and then "switchport access vlan X" ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide