Would you mind sharing some of the gotcha's? We're running 15.1(2)SY6 on a 6880-X-LE.
The machine will get an auth success, then the user will get an auth success. We've verified that the switch is downloading the correct dACL from ISE and applying it to the port.
show authentication sessions interface <interface-id>
show ip access-list interface <interface-id>
Most of the resources are available but filing sharing is working sporadically. If the user logs out and then logs back in, the same dACL is applied to the port and all of the shares are visible to the user, which is not expected behavior.
The issue version appears to be meet the minimum requirements for ISE 2.1, but it is not the recommended code for the 6880's listed in the ISE 2.1 compatibility matrix guide. Did you experience this issue? Are there any reasons you deployed the ISE recommended version of the switch recommended version?
... View more