Hi everyone, 

I've been scratching my head with this issue, thus reaching out for help.  I have a 3560G running 2.2(58)SE2 and I want to configure dot1x.  Here is the config: 

aaa new-model
aaa group server radius myradius
aaa group server tacacs+ mytacacs
aaa authentication login mylocal local
aaa authentication login mytacacs group mytacacs local
aaa authentication dot1x default group myradius
aaa authorization config-commands
aaa authorization network default group myradius
aaa authorization network myradius group radius
aaa server radius dynamic-author
aaa session-id common

dot1x system-auth-control
dot1x guest-vlan supplicant

interface GigabitEthernet0/11
switchport access vlan 500
switchport mode access
switchport voice vlan 600
srr-queue bandwidth share 1 30 35 5
priority-queue out
authentication host-mode multi-auth
authentication order mab dot1x
authentication priority mab dot1x
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
mab
mls qos trust device cisco-phone
mls qos trust dscp
dot1x pae authenticator
dot1x timeout server-timeout 30
dot1x max-req 3
dot1x max-reauth-req 3
spanning-tree portfast
spanning-tree bpduguard enable
end

The phone authenticates without a problem (looking at the logs on the radius server), but the PC behind it does not.  Also (I'm not where this phone & pc are) I was told that the port was showing an amber light.  The phone works but the PC doesn't - I can't ping it or can't ping out from the PC either.  The odd part is that this was working before, but today we decided to test again before deploying it in prod.  All we did is plug back in a phone with a pc (just like a month ago before this pandemic) and it worked.  Nothing has been changed on the config since.  I noticed the mac address of phone nor pc doesn't show on the port.  

Does the configuration looks ok? 

debug dot1x all attached.  

Thank you in advance.

MG