After configuring the authentication and authorization policy on Cisco ISE 2.3, we noticed during the test that some machines are undetectable on the server. On the switch, when I run the command
show authentication session int gX/Y
we saw that dot1x authentication failed but MAB authentication keeps on running. Also, the MAC and IP addresses of these endpoints are unknown. The endpoints get an IP address, but on the server there is nothing. How can we solve this issue?
Endpoints might get stuck in "Running" state with "UNKNOWN" MAC if the port is up but there is no MAC address. If you do see a MAC on the port, check your IOS version. I had problems with the 12.2(55)SE9 version on the old 3560s and also with the early versions of 15.0(2) on the 2960x. Upgrading to a later release solved the issues.
RADIUS and Symantec VIP.
I will use screenshots of ASDM, and at the end I will add the required CLI commands. The diagram below shows the steps the FW goes through when using 2FA authentication:
As you can see in Fig. 1 ...
Unable to get signature update from cisco.com
1. Make sure the router can get name resolution. Configure the router with a proper DNS name server.
ISR4451#utd threat-inspection signature update server cisco username xxxxx password yyyyy