Re: 802.1x Domain = unknown - status = Unauth - Method = N/A - Page 2

BigK · ‎01-30-2019

I enable Dot1x - Plugged in the PC to Ipphone - My phone is registered with CM and my PC got an Ip address. The issue that I am having is Domain = unknown - status = Unauth - Method = N/A ---

Any help is appreciated.

SW-lab#sho authentication sessions interface g1/0/2
Interface MAC Address Method Domain Status Fg Session ID
--------------------------------------------------------------------------------------------
Gi1/0/2 0016.46a8.a523 N/A UNKNOWN Unauth 0A16640A00000032A0A896C4
Gi1/0/2 d4be.d95c.a825 N/A UNKNOWN Unauth 0A16640A00000033A0A8B9C7

SW-lab#sho run int g1/0/2

interface GigabitEthernet1/0/2
switchport access vlan 120
switchport mode access
switchport voice vlan 150
device-tracking
authentication timer reauthenticate server
access-session host-mode multi-domain
access-session port-control auto
mab
dot1x pae authenticator
dot1x timeout tx-period 10
spanning-tree portfast
end

Thanks

Sheraz.Salim · ‎01-31-2019

no you hitting the deny rule

please do not forget to rate.

BigK · ‎01-31-2019

@Sheraz.Salim

I thought the request will hit the first rule and then if nothing,then it will move to default.

Thanks!

paul · ‎01-31-2019

Domain unknown status Unauth is usually dead AAA servers. I might have missed this but did you try "show aaa servers". That is the first command you should try in troubleshooting.

BigK · ‎01-31-2019

@paul Thanks!

here is the show aaa servers.

SW-lab#sho aaa servers

RADIUS: id 1, priority 1, host 10.5.6.100, auth-port 1812, acct-port 1813
State: current UP, duration 126871s, previous duration 0s
Dead: total time 0s, count 6
Platform State from SMD: current UP, duration 126870s, previous duration 0s
SMD Platform Dead: total time 0s, count 8
Platform State from WNCD: current UP, duration 0s, previous duration 0s
Platform Dead: total time 0s, count 0
Quarantined: No
Authen: request 277, timeouts 48, failover 0, retransmission 36
Response: accept 6, reject 33, challenge 190
Response: unexpected 0, server error 0, incorrect 16, time 104ms
Transaction: success 229, failure 12
Throttled: transaction 0, timeout 0, failure 0
Author: request 0, timeouts 0, failover 0, retransmission 0
Response: accept 0, reject 0, challenge 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Throttled: transaction 0, timeout 0, failure 0
Account: request 328, timeouts 4, failover 0, retransmission 4
Request: start 5, interim 0, stop 5
Response: start 5, interim 0, stop 5
Response: unexpected 0, server error 0, incorrect 0, time 8ms
Transaction: success 324, failure 0
Throttled: transaction 0, timeout 0, failure 0
Elapsed time since counters last cleared: 3d10h20m
Estimated Outstanding Access Transactions: 0
Estimated Outstanding Accounting Transactions: 0
Estimated Throttled Access Transactions: 0
Estimated Throttled Accounting Transactions: 0
Maximum Throttled Transactions: access 0, accounting 0
Requests per minute past 24 hours:
high - 10 hours, 19 minutes ago: 0
low - 10 hours, 19 minutes ago: 0
average: 0

paul · ‎01-31-2019

This may not help, but with that version of code I would be running the IBNS 2.0 style configuration unless you have the legacy style running in your network and you are trying to be consistent in your lab.

BigK · ‎02-01-2019

:-) learning is learning . IBNS 1.0 first IBNS 2.0 next. for now - I am looking how to get this one working on 1.0 .

db9 · ‎08-06-2019

Hi,

Did you resolve this issue?

I'm having a similar problem.

socratesp1980 · ‎02-01-2019

I have noticed in your attachment that there is 1 misconfigured network device. Are you using the following ip radius server key [0 | 7| something like that depending on your ios version

BigK · ‎02-01-2019

I am using

radius server (radius name)

address x.x.x.x auth-port 1812 acct-port 1813

key (Key name)