cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
 
ISE 2.4 Patch 7 is available! View the ISE 2.4 Release Notes and Download!

Choose one of the topics below for ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC!
We will not comment or assist with your TAC case in these forums.

468
Views
25
Helpful
22
Replies
Highlighted
Rising star

Re: 802.1x Domain = unknown - status = Unauth - Method = N/A

no you hitting the deny rule

deny.PNG

please do not forget to rate.
Beginner

Re: 802.1x Domain = unknown - status = Unauth - Method = N/A

@Sheraz.Salim

I thought the request will hit the first rule and then if nothing,then it will move to default. 

 

Thanks!

VIP Engager

Re: 802.1x Domain = unknown - status = Unauth - Method = N/A

Domain unknown status Unauth is usually dead AAA servers.  I might have missed this but did you try "show aaa servers".  That is the first command you should try in troubleshooting.

 

Beginner

Re: 802.1x Domain = unknown - status = Unauth - Method = N/A

@paul Thanks!

 

here is the show aaa servers. 

 

SW-lab#sho aaa servers

RADIUS: id 1, priority 1, host 10.5.6.100, auth-port 1812, acct-port 1813
State: current UP, duration 126871s, previous duration 0s
Dead: total time 0s, count 6
Platform State from SMD: current UP, duration 126870s, previous duration 0s
SMD Platform Dead: total time 0s, count 8
Platform State from WNCD: current UP, duration 0s, previous duration 0s
Platform Dead: total time 0s, count 0
Quarantined: No
Authen: request 277, timeouts 48, failover 0, retransmission 36
Response: accept 6, reject 33, challenge 190
Response: unexpected 0, server error 0, incorrect 16, time 104ms
Transaction: success 229, failure 12
Throttled: transaction 0, timeout 0, failure 0
Author: request 0, timeouts 0, failover 0, retransmission 0
Response: accept 0, reject 0, challenge 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Throttled: transaction 0, timeout 0, failure 0
Account: request 328, timeouts 4, failover 0, retransmission 4
Request: start 5, interim 0, stop 5
Response: start 5, interim 0, stop 5
Response: unexpected 0, server error 0, incorrect 0, time 8ms
Transaction: success 324, failure 0
Throttled: transaction 0, timeout 0, failure 0
Elapsed time since counters last cleared: 3d10h20m
Estimated Outstanding Access Transactions: 0
Estimated Outstanding Accounting Transactions: 0
Estimated Throttled Access Transactions: 0
Estimated Throttled Accounting Transactions: 0
Maximum Throttled Transactions: access 0, accounting 0
Requests per minute past 24 hours:
high - 10 hours, 19 minutes ago: 0
low - 10 hours, 19 minutes ago: 0
average: 0

VIP Engager

Re: 802.1x Domain = unknown - status = Unauth - Method = N/A

This may not help, but with that version of code I would be running the IBNS 2.0 style configuration unless you have the legacy style running in your network and you are trying to be consistent in your lab. 

Beginner

Re: 802.1x Domain = unknown - status = Unauth - Method = N/A

:-) learning is learning . IBNS 1.0 first IBNS 2.0 next. for now - I am looking how to get this one working on 1.0 . 

Beginner

Re: 802.1x Domain = unknown - status = Unauth - Method = N/A

I have noticed in your attachment that there is 1 misconfigured network device. Are you using the following ip radius server key [0 | 7| something like that depending on your ios version
Beginner

Re: 802.1x Domain = unknown - status = Unauth - Method = N/A

I am using 

 

radius server (radius name)

address x.x.x.x auth-port 1812 acct-port 1813

key (Key name)