Symptom
Devices remain unauthorized without network connectivity, when the AAA Servers are not reachable.
Conditions
Adding the command "authentication event server dead action authorize voice" without a Voice VLAN configured on the switchport, causes critical authentications to fail on the Data VLAN too.
Workaround
1. When adding the command "authentication event server dead action authorize voice", a Voice VLAN number also needs to be configured as follows:
example:
switchport access vlan 701
switchport voice vlan 49
switchport mode access
device-tracking attach-policy ISE-DEV-TRACKING
authentication control-direction in
authentication event fail action next-method
authentication event server dead action reinitialize vlan 701
authentication event server dead action authorize voice
OR
2. Avoid using the "authentication event server dead action authorize voice" command, if a Voice VLAN is not defined on the interface.
Further Problem Description
