Javier, I don't have any specifics on Steve's issue, but I have run into this with other RADIUS deployments.
You configure your RADIUS server with the Management IP address you use (in this case, the Loopback). But if you don't specify this command on the swtich, the Switch will choose the interface to originate the packets from (There is an algorithm, but I think it's lowest IP address). So the packets reaching the RADIUS server don't match any profiles. Mike On Fri, Mar 1, 2013 at 9:27 AM, Javier Henderson <[email protected]> wrote: > On Feb 27, 2013, at 4:55 PM, Steve Stockmal <[email protected]> > wrote: > > > - Add “ip radius source-interface Loopback0” for any switch > addressed with a Loopback address rather than a management address. ISE > will NOT work without this. > > Steve, > > Can you be more specific on this? Did you have a TAC case with us that I > can refer to? > > I can't see why the above would be a requirement, all that command does is > set the RADIUS packets to be sourced from Loopback 0, you should be able to > source your packets from any interface, so long as your network > configuration allows that (i.e., routing is in place, no packet filters, > etc.). > > Javier Henderson > [email protected] >
