cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
15927
Views
30
Helpful
23
Replies

802.1x Domain = unknown - status = Unauth - Method = N/A

BigK
Level 1
Level 1

I enable Dot1x - Plugged in the PC to Ipphone - My phone is registered with CM and my PC got an Ip address. The issue that I am having is Domain = unknown - status = Unauth - Method = N/A ---

 

Any help is appreciated. 

 

SW-lab#sho authentication sessions interface g1/0/2
Interface MAC Address Method Domain Status Fg Session ID
--------------------------------------------------------------------------------------------
Gi1/0/2 0016.46a8.a523 N/A UNKNOWN Unauth 0A16640A00000032A0A896C4
Gi1/0/2 d4be.d95c.a825 N/A UNKNOWN Unauth 0A16640A00000033A0A8B9C7

 

 

SW-lab#sho run int g1/0/2

interface GigabitEthernet1/0/2
switchport access vlan 120
switchport mode access
switchport voice vlan 150
device-tracking
authentication timer reauthenticate server
access-session host-mode multi-domain
access-session port-control auto
mab
dot1x pae authenticator
dot1x timeout tx-period 10
spanning-tree portfast
end

 

Thanks

 

23 Replies 23

no you hitting the deny rule

deny.PNG

please do not forget to rate.

@Sheraz.Salim

I thought the request will hit the first rule and then if nothing,then it will move to default. 

 

Thanks!

Domain unknown status Unauth is usually dead AAA servers.  I might have missed this but did you try "show aaa servers".  That is the first command you should try in troubleshooting.

 

@paul Thanks!

 

here is the show aaa servers. 

 

SW-lab#sho aaa servers

RADIUS: id 1, priority 1, host 10.5.6.100, auth-port 1812, acct-port 1813
State: current UP, duration 126871s, previous duration 0s
Dead: total time 0s, count 6
Platform State from SMD: current UP, duration 126870s, previous duration 0s
SMD Platform Dead: total time 0s, count 8
Platform State from WNCD: current UP, duration 0s, previous duration 0s
Platform Dead: total time 0s, count 0
Quarantined: No
Authen: request 277, timeouts 48, failover 0, retransmission 36
Response: accept 6, reject 33, challenge 190
Response: unexpected 0, server error 0, incorrect 16, time 104ms
Transaction: success 229, failure 12
Throttled: transaction 0, timeout 0, failure 0
Author: request 0, timeouts 0, failover 0, retransmission 0
Response: accept 0, reject 0, challenge 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Throttled: transaction 0, timeout 0, failure 0
Account: request 328, timeouts 4, failover 0, retransmission 4
Request: start 5, interim 0, stop 5
Response: start 5, interim 0, stop 5
Response: unexpected 0, server error 0, incorrect 0, time 8ms
Transaction: success 324, failure 0
Throttled: transaction 0, timeout 0, failure 0
Elapsed time since counters last cleared: 3d10h20m
Estimated Outstanding Access Transactions: 0
Estimated Outstanding Accounting Transactions: 0
Estimated Throttled Access Transactions: 0
Estimated Throttled Accounting Transactions: 0
Maximum Throttled Transactions: access 0, accounting 0
Requests per minute past 24 hours:
high - 10 hours, 19 minutes ago: 0
low - 10 hours, 19 minutes ago: 0
average: 0

This may not help, but with that version of code I would be running the IBNS 2.0 style configuration unless you have the legacy style running in your network and you are trying to be consistent in your lab. 

:-) learning is learning . IBNS 1.0 first IBNS 2.0 next. for now - I am looking how to get this one working on 1.0 . 

Hi,

 

Did you resolve this issue?

 

I'm having a similar problem.

 

 

socratesp1980
Level 1
Level 1
I have noticed in your attachment that there is 1 misconfigured network device. Are you using the following ip radius server key [0 | 7| something like that depending on your ios version

I am using 

 

radius server (radius name)

address x.x.x.x auth-port 1812 acct-port 1813

key (Key name)

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: