Categories
Welcome Center
Education & Development
Discussions
Certification Preparation
Recent Posts
Groups
Free Resources
Ebooks
Free Workshops
Trending Certifications Infographic
Infosec Training
IT & Security Training
Live Boot Camps
Security Awareness Training
About Infosec Institute
Home
Education & Development
Jobs and Careers
MAB authentication issue with Cisco ISE
OfWolfAndMan
OK guys, I have an issue here. Not sure about how many of you are familiar with Cisco ISE, but I'm currently working on getting some VOIP phones working with MAB commands configured as well. I have configured an Endpoint group and an identity for this particular phone in the identity management section. There are plenty of other phones that have been configured with these same commands, and have no issues. Everything works fine until I issue the
#authentication port-control auto
command, and this is when the device times out and shows as unauthorized when I use the
#show authentication sessions interface gx/x/x
. Removing it sometimes brings the pings back up, but sometimes I have to completely remove all mab commands and reissue them. Here's what I have currently (Outside of the generic switchport commands):
#switchport block unicast
#authentication event fail action next-method
#authentication host-mode multi-domain
#authentication order mab dot1x
#authentication priority dot1x mab
#authentication periodic
#authentication violation restrict
#mab
#dot1x pae authenticator
#dot1x timeout tx-period 10
Find more posts tagged with
Save $250 on 2025 certification boot camps from Infosec!
Book now with code EOY2025
Button
Comments
OfWolfAndMan
Update: DOH! Looks like there was a RADIUS authentication key mismatch in the network devices config for this particular switch. All good now!
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
INFOSEC Boot Camps
$250
OFF
Use code
EOY2025
to receive $250 off your 2025 certification boot camp!
BROWSE BOOT CAMPS
