After configured Policy authentication and authorization on the Cisco ISE 2.3. we noticed that during the test, there are some machines which are undetectable on the server. On the switch when I run the command
show authentication session int gX/Y
we saw that dot1x authentication failed but MAB authentication keep on running. Also MAC and IP address of these endpoints are unknown. The endpoint get the IP address but on the server there is nothing. How can we solve this issue ?
Endpoints might get stuck in "Running" state with "UNKNOWN" MAC, if the port is up, but there is no MAC address. If you do see MAC on the port, check your IOS version. I had problems with 12.2(55)SE9 version on the old 3560s and also the early versions of 15.0(2) on 2960x. Upgrading to the later release solved the issues.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...