Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I'm having ISE 3.1 patch 3 . After disabling tls 1.0 the app server restarted and I could never login to any ISE node in deployment. It just shows blank page after login.The services are working fine, it's the admin GUI that is not accessible. I foun...
Hello,I have dot1x enabled on all ports including those to which APs connected.My scheme is like this:clients -- Access Point -- Access Switch -- Access Switch -- Access Point -- Clientswhen a client moves from one AP to another, his mac address stay...
Hello, I have just run into this issue. Just for the info: I had a DACL with 10 lines, i deleted 4 deny statements, leaving only permit tcp any host xxx . it helped me, so I hope it will help to others. Always check the syntax of DACL and the source ...
Hello @Jason2005 ,do you have problems with wired or wireless?yes, i've done many many config changes since then and now it's working OK, but we are still in a monitoring state of Dot1x.for access points' uplink ports I did the following settings:aut...
thanks a lot for your reply, that is really helpful.i did some googling and this is a guide for configuring flexconnect+dot1x in case someone else would also need it.https://www.cisco.com/c/en/us/support/docs/wireless/wireless-lan-controller-softwa...
thank you for your reply, it is in FlexConnect mode indeed. The thing is that we want everyone to be authenticated via dot1x, both wireless AP and clients. is it not possible?so I have two options: local mode+dot1x or flexconnect with multihost mode?
Hi,As far as I know, if a mac address is authorized via dot1x or port-security , it becomes static (and secure). and never ages out.Please correct me if I got it wrong.
