cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Cisco ISE 2.4 with Meraki MS mab authentification

Comes here often

Cisco ISE 2.4 with Meraki MS mab authentification

hello everyone 

 

 

we want to migrate our cisco switch infrastructure into a meraki infrastructure. But at this moment i can`t authentificate clients or devices by MAC adresse with the ISE 2.4 

 

The client gets from the ISE the right vlan but the switch doesn`t get these information. 

 

11001Received RADIUS Access-Request
11017RADIUS created a new session
11027Detected Host Lookup UseCase (Service-Type = Call Check (10))
15049Evaluating Policy Group
15008Evaluating Service Selection Policy
15041Evaluating Identity Policy
15013Selected Identity Source - Internal Endpoints
24209Looking up Endpoint in Internal Endpoints IDStore - 48:7A:55:03:FE:81
24211Found Endpoint in Internal Endpoints IDStore
22037Authentication Passed
24715ISE has not confirmed locally previous successful machine authentication for user in Active Directory
15036Evaluating Authorization Policy
15016Selected Authorization Profile - VLAN_242_full-access
11002Returned RADIUS Access-Accept

 

802.1x works fine with the MS Switches. 

 

plz let me now if someone can help me

 

 

kind regards

 

christian

1 REPLY 1
Highlighted
Here to help

Re: Cisco ISE 2.4 with Meraki MS mab authentification

Can you share the contents of the Authorization Profile sent from ISE to the switch.

 

It should match whats in this KB:

https://documentation.meraki.com/MS/Port_and_VLAN_Configuration/Dynamic_VLAN_assignment_via_802.1X_(...

 

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.