07-07-2021 05:19 PM
Hello,
I wanted to inquire if anyone has seen an issue where when IP Device Tracking command is enabled on ports [globally on Catalyst 3000 and 9000 switches] the endpoint does not appear in the auth session and fails to pull an IP from DHCP. When the command is removed the endpoint almost immediately pulls a good IP. Below is our current global configuration on any given switch with the device tracking command in place:
interface GigabitEthernetX/X/XX
switchport access vlan XX
switchport mode access
switchport voice vlan XX
device-tracking
authentication control-direction in
authentication event fail action next-method
authentication event server alive action reinitialize
authentication host-mode multi-domain
authentication order dot1x mab
authentication port-control auto
authentication periodic
mab
dot1x pae authenticator
dot1x timeout tx-period 2
dot1x timeout supp-timeout 10
spanning-tree portfast
Any advice or reference to known caveats would be greatly appreciated!
Thank you.
07-07-2021 08:52 PM
What IOS are you running?
Also are you using SISF based tracking or traditional IPDT?
07-08-2021 06:20 PM
Thank you for the response.
The iOS is XE 16.12.3a for 3Ks and XE 17.04.01.
We are using traditional IPDT.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide