ISE - Branch Wired Design - Non-Converged Access - Best policy on the switch??
I would like to understand that it would be the solution the most adapted in architecture ISE when the PSN server is on the central site and my remote site does not possess PSN and no equipments converge access.
What takes place it if my link between site central and remote site is down. In this case, which policy to put on my distant switch?
1/ Check various policies (dot1x -> MAB -> Web-auth) then no block port but just to send a message to the administrator.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...