01-30-2019 01:46 PM
I enable Dot1x - Plugged in the PC to Ipphone - My phone is registered with CM and my PC got an Ip address. The issue that I am having is Domain = unknown - status = Unauth - Method = N/A ---
Any help is appreciated.
SW-lab#sho authentication sessions interface g1/0/2
Interface MAC Address Method Domain Status Fg Session ID
--------------------------------------------------------------------------------------------
Gi1/0/2 0016.46a8.a523 N/A UNKNOWN Unauth 0A16640A00000032A0A896C4
Gi1/0/2 d4be.d95c.a825 N/A UNKNOWN Unauth 0A16640A00000033A0A8B9C7
SW-lab#sho run int g1/0/2
interface GigabitEthernet1/0/2
switchport access vlan 120
switchport mode access
switchport voice vlan 150
device-tracking
authentication timer reauthenticate server
access-session host-mode multi-domain
access-session port-control auto
mab
dot1x pae authenticator
dot1x timeout tx-period 10
spanning-tree portfast
end
Thanks
01-31-2019 07:54 AM
no you hitting the deny rule
01-31-2019 08:03 AM
I thought the request will hit the first rule and then if nothing,then it will move to default.
Thanks!
01-31-2019 12:20 PM
Domain unknown status Unauth is usually dead AAA servers. I might have missed this but did you try "show aaa servers". That is the first command you should try in troubleshooting.
01-31-2019 07:39 PM
@paul Thanks!
here is the show aaa servers.
SW-lab#sho aaa servers
RADIUS: id 1, priority 1, host 10.5.6.100, auth-port 1812, acct-port 1813
State: current UP, duration 126871s, previous duration 0s
Dead: total time 0s, count 6
Platform State from SMD: current UP, duration 126870s, previous duration 0s
SMD Platform Dead: total time 0s, count 8
Platform State from WNCD: current UP, duration 0s, previous duration 0s
Platform Dead: total time 0s, count 0
Quarantined: No
Authen: request 277, timeouts 48, failover 0, retransmission 36
Response: accept 6, reject 33, challenge 190
Response: unexpected 0, server error 0, incorrect 16, time 104ms
Transaction: success 229, failure 12
Throttled: transaction 0, timeout 0, failure 0
Author: request 0, timeouts 0, failover 0, retransmission 0
Response: accept 0, reject 0, challenge 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Throttled: transaction 0, timeout 0, failure 0
Account: request 328, timeouts 4, failover 0, retransmission 4
Request: start 5, interim 0, stop 5
Response: start 5, interim 0, stop 5
Response: unexpected 0, server error 0, incorrect 0, time 8ms
Transaction: success 324, failure 0
Throttled: transaction 0, timeout 0, failure 0
Elapsed time since counters last cleared: 3d10h20m
Estimated Outstanding Access Transactions: 0
Estimated Outstanding Accounting Transactions: 0
Estimated Throttled Access Transactions: 0
Estimated Throttled Accounting Transactions: 0
Maximum Throttled Transactions: access 0, accounting 0
Requests per minute past 24 hours:
high - 10 hours, 19 minutes ago: 0
low - 10 hours, 19 minutes ago: 0
average: 0
01-31-2019 08:28 PM
This may not help, but with that version of code I would be running the IBNS 2.0 style configuration unless you have the legacy style running in your network and you are trying to be consistent in your lab.
02-01-2019 09:37 AM
:-) learning is learning . IBNS 1.0 first IBNS 2.0 next. for now - I am looking how to get this one working on 1.0 .
08-06-2019 11:03 AM
Hi,
Did you resolve this issue?
I'm having a similar problem.
02-01-2019 04:56 AM
02-01-2019 09:51 AM
I am using
radius server (radius name)
address x.x.x.x auth-port 1812 acct-port 1813
key (Key name)
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: