I might be wrong, but doesn´t the command "authentication open" mean, that the switch/port completly ignores authenticationmethods like MAB/dot1x? (In switchconfig it does)
I am most likely a greenhorn on networking and ISE but I´d guess for your c...
Are the clients member of an authentication group for dot1X?If not, how are the switches configured? Try authentication order MAB 802.1Xauthentication priortiy MAB 802.1XThis should prevent the client from trying dot1X when MAB already was successful...
Hi!
I am pretty new to this forum and I am not sure if your reply refers to my post or the op.
So, if you asked me:
1. First we created a ruleset that would make the ISE controll everything but with result "access permit".
2. On the switche...
Hi!
I am pretty new to this forum and I am not sure if your reply refers to my post or the op.
So, if you asked me:
1. First we created a ruleset that would make the ISE controll everything but with result "access permit".
2. On the switche...
Depending on what clients you want to authenticate the MAB-use besides 802.1x makes sense.
Think of older printers for example.
We just testet 802.1X with a small amount of clients and used the following in addition to the config on the ports.
...