11-08-2018 09:23 AM
We have seen a strange issue:
On a switch port (3850) we have put dot1x and MAB on, and the device is an Cisco AP. We have seen 10+ MAB authentication on this port for the wireless end devices MAB, all failing because of the policy.
Why is the port trying to authenticate the wireless endpoints?
the port is configured as multi-host, and it is an access port. The AP is in LOCAL mode. someone suggest to put it on multi-domain to solve it, but this does not make sense in the first place
Solved! Go to Solution.
11-08-2018 03:25 PM
APs usually drop a radio if there is not enough power. It almost sounds like the AP is acting like it's in FlexConnect where it does the routing and only tunnels command info back to the WLC. A normal AP should capwap tunnel everything back to the WLC and the switch should not see any of the traffic.
May be a TAC call.
11-08-2018 10:19 AM
11-08-2018 10:36 AM
11-08-2018 12:04 PM
11-08-2018 03:25 PM
APs usually drop a radio if there is not enough power. It almost sounds like the AP is acting like it's in FlexConnect where it does the routing and only tunnels command info back to the WLC. A normal AP should capwap tunnel everything back to the WLC and the switch should not see any of the traffic.
May be a TAC call.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: