
Problems with Sw 9300 and an ISE 3.3 patch 6

Hello team,

Currently, we have a network of 9300 switches where 802.1X has been configured on each port, and each port is connected to a Windows PC.

Initially, the user logs into the PC, then the switch sends the session to ISE, and ISE validates it against Active Directory.

When checking the logs in ISE and searching by user or device MAC address, the logs and session changes appear each time the user logs in.

Also, if you run the command show authentication session interface Gi1/0/xx detail on the switch port, it shows all the details such as IP, MAC, username, domain, and whether the authentication was successful or not.

The issue is that, for example, today I configure the port with 802.1X, and I can see the session logs in ISE. However, after a few days, when I search for the logs of that day, they are no longer there. I check on the switch port, and it still shows all the session details.
I had to remove the 802.1X configuration from the switch port and reapply it in order to see the logs in ISE again.

My question is: has anyone else experienced this issue?

4 Replies

Enes Simnica
Spotlight

Hello @Francisco Leon, this sounds like a log retention or visibility issue in ISE rather than a problem with 802.1X itself, especially since the switch still shows the session details and reapplying the config triggers new logs in ISE. You absolutely need to verify your log retention settings in ISE. Also check the health of your monitoring and troubleshooting. And don't forget that some ISE versions have known bugs where authentication sessions don't appear after a certain period, and you can check that with the Cisco Bug Search Tool. And for more, share some show command results here...

 

-Enes

more Cisco?!
more Gym?!




Hi @Francisco Leon  
Can you please check your interface config:

interface Gi1/0/xx
authentication port-control auto
authentication periodic
authentication timer reauthenticate 86400
dot1x timeout session-timeout 86400
dot1x reauthentication

If you have the timeout command, please add and test again.

#dot1x timeout quiet-period 5
#dot1x timeout tx-period 10

Thanks!

New authc appear in the live log.

For old authc (a day ago), check the ISE reports, not the live log.

MHM

Hello, good day team, I'll review what you've told me and give you feedback.