01-30-2019 01:46 PM
I enable Dot1x - Plugged in the PC to Ipphone - My phone is registered with CM and my PC got an Ip address. The issue that I am having is Domain = unknown - status = Unauth - Method = N/A ---
Any help is appreciated.
SW-lab#sho authentication sessions interface g1/0/2
Interface MAC Address Method Domain Status Fg Session ID
--------------------------------------------------------------------------------------------
Gi1/0/2 0016.46a8.a523 N/A UNKNOWN Unauth 0A16640A00000032A0A896C4
Gi1/0/2 d4be.d95c.a825 N/A UNKNOWN Unauth 0A16640A00000033A0A8B9C7
SW-lab#sho run int g1/0/2
interface GigabitEthernet1/0/2
switchport access vlan 120
switchport mode access
switchport voice vlan 150
device-tracking
authentication timer reauthenticate server
access-session host-mode multi-domain
access-session port-control auto
mab
dot1x pae authenticator
dot1x timeout tx-period 10
spanning-tree portfast
end
Thanks
01-31-2019 07:54 AM
no you hitting the deny rule
01-31-2019 08:03 AM
I thought the request will hit the first rule and then if nothing,then it will move to default.
Thanks!
01-31-2019 12:20 PM
Domain unknown status Unauth is usually dead AAA servers. I might have missed this but did you try "show aaa servers". That is the first command you should try in troubleshooting.
01-31-2019 07:39 PM
@paul Thanks!
here is the show aaa servers.
SW-lab#sho aaa servers
RADIUS: id 1, priority 1, host 10.5.6.100, auth-port 1812, acct-port 1813
State: current UP, duration 126871s, previous duration 0s
Dead: total time 0s, count 6
Platform State from SMD: current UP, duration 126870s, previous duration 0s
SMD Platform Dead: total time 0s, count 8
Platform State from WNCD: current UP, duration 0s, previous duration 0s
Platform Dead: total time 0s, count 0
Quarantined: No
Authen: request 277, timeouts 48, failover 0, retransmission 36
Response: accept 6, reject 33, challenge 190
Response: unexpected 0, server error 0, incorrect 16, time 104ms
Transaction: success 229, failure 12
Throttled: transaction 0, timeout 0, failure 0
Author: request 0, timeouts 0, failover 0, retransmission 0
Response: accept 0, reject 0, challenge 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Throttled: transaction 0, timeout 0, failure 0
Account: request 328, timeouts 4, failover 0, retransmission 4
Request: start 5, interim 0, stop 5
Response: start 5, interim 0, stop 5
Response: unexpected 0, server error 0, incorrect 0, time 8ms
Transaction: success 324, failure 0
Throttled: transaction 0, timeout 0, failure 0
Elapsed time since counters last cleared: 3d10h20m
Estimated Outstanding Access Transactions: 0
Estimated Outstanding Accounting Transactions: 0
Estimated Throttled Access Transactions: 0
Estimated Throttled Accounting Transactions: 0
Maximum Throttled Transactions: access 0, accounting 0
Requests per minute past 24 hours:
high - 10 hours, 19 minutes ago: 0
low - 10 hours, 19 minutes ago: 0
average: 0
01-31-2019 08:28 PM
This may not help, but with that version of code I would be running the IBNS 2.0 style configuration unless you have the legacy style running in your network and you are trying to be consistent in your lab.
02-01-2019 09:37 AM
:-) learning is learning . IBNS 1.0 first IBNS 2.0 next. for now - I am looking how to get this one working on 1.0 .
08-06-2019 11:03 AM
Hi,
Did you resolve this issue?
I'm having a similar problem.
02-01-2019 04:56 AM
02-01-2019 09:51 AM
I am using
radius server (radius name)
address x.x.x.x auth-port 1812 acct-port 1813
key (Key name)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide