Hi all,
I'm making a design for dot1x based on ISE C3PL Switch Config Template - Google Docs. Now, I'm running into an issue where the authentication is only triggered when a device connects to the switchport. Windows clients seem to trigger authentication after half an hour or so (either dot1x or mab), but regular clients like printers just sit there and maintain their connection, without mab being triggered. These ports don't ever show up in 'show access-session'. It seems like the 'session-started' event from the policy-map is only triggered after a shut/no shut or when a new client connects.
Has anyone solved this before? I'm looking at the policy-map for solutions, but I'm having trouble finding an event that would be triggered right after applying the policy to an interface. Or am I just going to have to shut/no shut the ports to trigger authentication?
Authentication server: ISE 2.7
Switches: Cat9200 running 16.9.5 & C2960X running 15.2
No comments:
Post a Comment