AAA Configuration on Cisco Switch

Hello Indika

The authentication mode multi-auth feature is used when multiple devices authenticate on the same port. This includes situations where you use the voice VLAN feature of the switch, where you connect a PC or laptop to the phone’s switch port, and the phone in turn connects to the switch.

However, in your situation, where you connect each device (PC/Laptop/Phone) to a single switchport, you don’t need that command. For more information about it, take a look at this Cisco documentation:

As for dynamic VLAN assignment, it’s not a requirement but it’s a good practice. This is especially true if you have a large network and you want to automate the process of assigning VLANs based on the type of device. Cisco ISE can indeed assign the correct VLAN depending on whether it’s a voice or data device. This can help you manage your network more efficiently by segregating voice and data traffic, and also by applying different security policies for different types of devices.

I hope this has been helpful!

Laz