First, configure the interface which is connected to the endpoint, previously we configured the interface as below:
SW(config)#int gi1/0/2
SW(config-if)#switchport mode access
SW(config-if)#authentication host-mode multi-auth
SW(config-if)#authentication open
SW(config-if)#dot1x pae authenticator
SW(config-if)#dot1x timeout tx-period 10
SW(config-if)#authentication port-control auto
SW(config-if)#authentication periodic
SW(config-if)#authentication timer reauthenticate server
Now, add this configuration for the interface:
SW(config-if)#mab
SW(config-if)#authentication order mab dot1x
SW(config-if)#authentication priority dot1x mab
so the result:
SW#sh authentication sessions int gi1/0/2
Interface MAC Address Method Domain Status Fg Session ID
———————————————————————-
Gi1/0/2 b8ca.3a7e.0f5a N/A UNKNOWN Unauth C0A80AFC00000FB4034126C2
Key to Session Events Blocked Status Flags:
A – Applying Policy (multi-line status for details)
D – Awaiting Deletion
F – Final Removal in progress
I – Awaiting IIF ID allocation
N – Waiting for AAA to come up
P – Pushed Session
R – Removing User Profile (multi-line status for details)
U – Applying User Profile (multi-line status for details)
X – Unknown Blocker
Runnable methods list:
Handle Priority Name
16 5 dot1x
18 10 mab
21 15 webauth
–More–
And if you check on the ISE:
