03-12-2013 09:32 AM - edited 03-10-2019 08:11 PM
HI, I have setup my 3550 to authenticate using radius to a win2008 NPS server. I have set it up to use RADIUS for login and 802.1x. The login works and I authenticate using my win AD credentials but when we try to authenticate using 802.1x we receive an access-rejest responce on the switch.
Below is my config and some outpuy
Mar 12 16:19:42.078: dot1x-ev:dot1x_mgr_pre_process_eapol_pak: Role determination not required on FastEthernet0/23.
Mar 12 16:19:42.078: dot1x-packet:dot1x_mgr_process_eapol_pak: queuing an EAPOL pkt on Authenticator Q
Mar 12 16:19:42.078: dot1x-ev:Enqueued the eapol packet to the global authenticator queue
Mar 12 16:19:42.078: EAPOL pak dump rx
Mar 12 16:19:42.078: EAPOL Version: 0x1 type: 0x1 length: 0x0000
Mar 12 16:19:42.078: dot1x-ev:
dot1x_auth_queue_event: Int Fa0/23 CODE= 0,TYPE= 0,LEN= 0
Mar 12 16:19:42.078: dot1x-packet:Received an EAPOL frame on interface FastEthernet0/23
Mar 12 16:19:42.078: dot1x-ev:Received pkt saddr =406c.8f13.521a , daddr = 0180.c200.0003,
pae-ether-type = 888e.0101.0000
Mar 12 16:19:42.078: dot1x-ev:Created a client entry for the supplicant 406c.8f13.521a
Mar 12 16:19:42.078: dot1x-ev:Found the default authenticator instance on FastEthernet0/23
Mar 12 16:19:42.078: dot1x-registry:EAPOL traffic seen on FastEthernet0/23
Mar 12 16:19:42.078: dot1x-ev:dot1x_auth_process_eapol: EAPOL flag status of the port Fa0/23 is FALSE
Mar 12 16:19:42.078: dot1x-ev:dot1x_auth_process_eapol: EAPOL flag set for the port Fa0/23
Mar 12 16:19:42.078: dot1x-packet:Received an EAPOL-Start packet on interface FastEthernet0/23
Mar 12 16:19:42.078: EAPOL pak dump rx
Mar 12 16:19:42.078: EAPOL Version: 0x1 type: 0x1 length: 0x0000
Mar 12 16:19:42.082: dot1x-sm:Posting EAPOL_START on Client=2147268
Mar 12 16:19:42.082: dot1x_auth Fa0/23: during state auth_authenticating, got event 4(eapolStart)
Mar 12 16:19:42.082: @@@ dot1x_auth Fa0/23: auth_authenticating -> auth_aborting
Mar 12 16:19:42.082: dot1x-sm:Fa0/23:406c.8f13.521a:auth_authenticating_exit called
Mar 12 16:19:42.082: dot1x-sm:Fa0/23:406c.8f13.521a:auth_aborting_enter called
Mar 12 16:19:42.082: dot1x-sm:Posting AUTH_ABORT on Client=2147268
Mar 12 16:19:42.082: dot1x_auth_bend Fa0/23: during state auth_bend_request, got event 1(authAbort)
Mar 12 16:19:42.082: @@@ dot1x_auth_bend Fa0/23: auth_bend_request -> auth_bend_initialize
Mar 12 16:19:42.082: dot1x-sm:Fa0/23:406c.8f13.521a:auth_bend_initialize_enter called
Mar 12 16:19:42.082: dot1x_auth_bend Fa0/23: idle during state auth_bend_initialize
Mar 12 16:19:42.082: @@@ dot1x_auth_bend Fa0/23: auth_bend_initialize -> auth_bend_idle
Mar 12 16:19:42.082: dot1x-sm:Fa0/23:406c.8f13.521a:auth_bend_idle_enter called
Mar 12 16:19:42.082: dot1x-sm:Posting !AUTH_ABORT on Client=2147268
Mar 12 16:19:42.082: dot1x_auth Fa0/23: during state auth_aborting, got event 21(no_eapolLogoff_no_authAbort)
Mar 12 16:19:42.082: @@@ dot1x_auth Fa0/23: auth_aborting -> auth_restart
Mar 12 16:19:42.082: dot1x-sm:Fa0/23:406c.8f13.521a:auth_aborting_exit called
Mar 12 16:19:42.082: dot1x-sm:Fa0/23:406c.8f13.521a:auth_restart_enter called
Mar 12 16:19:42.082: dot1x-ev:Sending create new context event to EAP for 406c.8f13.521a
Mar 12 16:19:42.082: dot1x-sm:Fa0/23:406c.8f13.521a:auth_aborting_restart_action called
Mar 12 16:19:42.082: dot1x-sm:Posting !EAP_RESTART on Client=2147268
Mar 12 16:19:42.082: dot1x_auth Fa0/23: during state auth_restart, got event 6(no_eapRestart)
Mar 12 16:19:42.082: @@@ dot1x_auth Fa0/23: auth_restart -> auth_connecting
Mar 12 16:19:42.082: dot1x-sm:Fa0/23:406c.8f13.521a:auth_connecting_enter called
Mar 12 16:19:42.082: dot1x-sm:Fa0/23:406c.8f13.521a:auth_restart_connecting_action called
Mar 12 16:19:42.086: dot1x-packet:Received an EAP request packet from EAP for mac 406c.8f13.521a
Mar 12 16:19:42.086: dot1x-sm:Posting RX_REQ on Client=2147268
Mar 12 16:19:42.086: dot1x_auth Fa0/23: during state auth_connecting, got event 11(eapReq_no_reAuthMax)
Mar 12 16:19:42.086: @@@ dot1x_auth Fa0/23: auth_connecting -> auth_authenticating
Mar 12 16:19:42.086: dot1x-sm:Fa0/23:406c.8f13.521a:auth_authenticating_enter called
Mar 12 16:19:42.086: dot1x-sm:Fa0/23:406c.8f13.521a:auth_connecting_authenticating_action called
Mar 12 16:19:42.086: dot1x-sm:Posting AUTH_START on Client=2147268
Mar 12 16:19:42.086: dot1x_auth_bend Fa0/23: during state auth_bend_idle, got event 4(eapReq_authStart)
Mar 12 16:19:42.086: @@@ dot1x_auth_bend Fa0/23: auth_bend_idle -> auth_bend_request
Mar 12 16:19:42.086: dot1x-sm:Fa0/23:406c.8f13.521a:auth_bend_request_enter called
Mar 12 16:19:42.086: dot1x-packet:dot1x_mgr_send_eapol :EAP code: 0x1 id: 0x2 length: 0x0005 type: 0x1 data:
Mar 12 16:19:42.086: dot1x-ev:FastEthernet0/23:Sending EAPOL packet to group PAE address
Mar 12 16:19:42.086: dot1x-ev:dot1x_mgr_pre_process_eapol_pak: Role determination not required on FastEthernet0/23.
Mar 12 16:19:42.086: dot1x-registry:registry:dot1x_ether_macaddr called
Mar 12 16:19:42.086: dot1x-ev:dot1x_mgr_send_eapol: Sending out EAPOL packet on FastEthernet0/23
Mar 12 16:19:42.086: EAPOL pak dump Tx
Mar 12 16:19:42.086: EAPOL Version: 0x2 type: 0x0 length: 0x0005
Mar 12 16:19:42.086: EAP code: 0x1 id: 0x2 length: 0x0005 type: 0x1
Mar 12 16:19:42.086: dot1x-packet:dot1x_txReq: EAPOL packet sent to client (406c.8f13.521a)
Mar 12 16:19:42.086: dot1x-sm:Fa0/23:406c.8f13.521a:auth_bend_idle_request_action called
Mar 12 16:19:42.090: dot1x-ev:dot1x_mgr_pre_process_eapol_pak: Role determination not required on FastEthernet0/23.
Mar 12 16:19:42.090: dot1x-packet:dot1x_mgr_process_eapol_pak: queuing an EAPOL pkt on Authenticator Q
Mar 12 16:19:42.090: dot1x-ev:Enqueued the eapol packet to the global authenticator queue
Mar 12 16:19:42.090: EAPOL pak dump rx
Mar 12 16:19:42.090: EAPOL Version: 0x1 type: 0x0 length: 0x000D
Mar 12 16:19:42.090: dot1x-ev:
dot1x_auth_queue_event: Int Fa0/23 CODE= 2,TYPE= 1,LEN= 13
Mar 12 16:19:42.090: dot1x-packet:Received an EAPOL frame on interface FastEthernet0/23
Mar 12 16:19:42.090: dot1x-ev:Received pkt saddr =406c.8f13.521a , daddr = 0180.c200.0003,
pae-ether-type = 888e.0100.000d
Mar 12 16:19:42.090: dot1x-ev:dot1x_auth_process_eapol: EAPOL flag status of the port Fa0/23 is TRUE
Mar 12 16:19:42.090: dot1x-packet:Received an EAP packet on interface FastEthernet0/23
Mar 12 16:19:42.090: EAPOL pak dump rx
Mar 12 16:19:42.090: EAPOL Version: 0x1 type: 0x0 length: 0x000D
Mar 12 16:19:42.090: dot1x-packet:Received an EAP packet on the FastEthernet0/23 from mac 406c.8f13.521a
Mar 12 16:19:42.090: dot1x-sm:Posting EAPOL_EAP on Client=2147268
Mar 12 16:19:42.090: dot1x_auth_bend Fa0/23: during state auth_bend_request, got event 6(eapolEap)
Mar 12 16:19:42.094: @@@ dot1x_auth_bend Fa0/23: auth_bend_request -> auth_bend_response
Mar 12 16:19:42.094: dot1x-sm:Fa0/23:406c.8f13.521a:auth_bend_response_enter called
Mar 12 16:19:42.094: dot1x-ev:dot1x_sendRespToServer: Response sent to the server from 406c.8f13.521a
Mar 12 16:19:42.094: dot1x-sm:Fa0/23:406c.8f13.521a:auth_bend_request_response_action called
Mar 12 16:19:42.094: RADIUS/ENCODE(0000002F):Orig. component type = DOT1X
Mar 12 16:19:42.094: RADIUS: AAA Unsupported Attr: audit-session-id [599] 24
Mar 12 16:19:42.094: RADIUS: 41 43 31 30 30 33 39 30 30 30 30 30 30 30 31 46 [AC1003900000001F]
Mar 12 16:19:42.094: RADIUS: 30 31 38 41 45 37 [ 018AE7]
Mar 12 16:19:42.094: RADIUS: AAA Unsupported Attr: interface [170] 16
Mar 12 16:19:42.098: RADIUS: 46 61 73 74 45 74 68 65 72 6E 65 74 30 2F [ FastEthernet0/]
Mar 12 16:19:42.098: RADIUS(0000002F): Config NAS IP: 0.0.0.0
Mar 12 16:19:42.098: RADIUS/ENCODE(0000002F): acct_session_id: 46
Mar 12 16:19:42.098: RADIUS(0000002F): sending
Mar 12 16:19:42.098: RADIUS/ENCODE: Best Local IP-Address 172.16.3.144 for Radius-Server 172.16.140.100
Mar 12 16:19:42.098: RADIUS(0000002F): Send Access-Request to 172.16.140.100:1645 id 1645/28, len 149
Mar 12 16:19:42.098: RADIUS: authenticator C9 DF DF 9A 56 28 20 90 - 2A 7F 95 B3 7D 5A E5 74
Mar 12 16:19:42.098: RADIUS: User-Name [1] 10 "coultiss"
Mar 12 16:19:42.098: RADIUS: Service-Type [6] 6 Framed [2]
Mar 12 16:19:42.098: RADIUS: Framed-MTU [12] 6 1500
Mar 12 16:19:42.098: RADIUS: Called-Station-Id [30] 19 "00-0B-46-4D-5D-97"
Mar 12 16:19:42.098: RADIUS: Calling-Station-Id [31] 19 "40-6C-8F-13-52-1A"
Mar 12 16:19:42.098: RADIUS: EAP-Message [79] 15
Mar 12 16:19:42.098: RADIUS: 02 02 00 0D 01 63 6F 75 6C 74 69 73 73 [ lappy]
Mar 12 16:19:42.098: RADIUS: Message-Authenticato[80] 18
Mar 12 16:19:42.102: RADIUS: E4 09 C1 E0 41 90 A3 9B EE 46 6F 08 B5 29 A9 68 [ AFo)h]
Mar 12 16:19:42.102: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
Mar 12 16:19:42.102: RADIUS: NAS-Port [5] 6 50023
Mar 12 16:19:42.102: RADIUS: NAS-Port-Id [87] 18 "FastEthernet0/23"
Mar 12 16:19:42.102: RADIUS: NAS-IP-Address [4] 6 172.16.3.144
Mar 12 16:19:42.258: RADIUS: Received from id 1645/28 172.16.140.100:1645, Access-Reject, len 44
Mar 12 16:19:42.258: RADIUS: authenticator C9 74 EC D5 27 4B 1B 4D - 5D C9 89 5B 9C 0F 50 58
Mar 12 16:19:42.258: RADIUS: EAP-Message [79] 6
Mar 12 16:19:42.258: RADIUS: 04 02 00 04
Mar 12 16:19:42.258: RADIUS: Message-Authenticato[80] 18
Mar 12 16:19:42.258: RADIUS: 3D 42 A2 D3 AB F7 F7 B5 5C A5 55 FB 3F 89 10 9B [ =B\U?]
Mar 12 16:19:42.258: RADIUS(0000002F): Received from id 1645/28
Mar 12 16:19:42.258: RADIUS/DECODE: EAP-Message fragments, 4, total 4 bytes
Mar 12 16:19:42.262: dot1x-ev:Authorization data for client 406c.8f13.521a has been reset on FastEthernet0/23
Mar 12 16:19:42.262: dot1x-ev:Received an EAP Fail on FastEthernet0/23 for mac 406c.8f13.521a
Mar 12 16:19:42.262: dot1x-sm:Posting EAP_FAIL on Client=2147268
Mar 12 16:19:42.262: dot1x_auth_bend Fa0/23: during state auth_bend_response, got event 10(eapFail)
Mar 12 16:19:42.262: @@@ dot1x_auth_bend Fa0/23: auth_bend_response -> auth_bend_fail
Mar 12 16:19:42.262: dot1x-sm:Fa0/23:406c.8f13.521a:auth_bend_response_exit called
Mar 12 16:19:42.262: dot1x-sm:Fa0/23:406c.8f13.521a:auth_bend_fail_enter called
Mar 12 16:19:42.262: dot1x-sm:Fa0/23:406c.8f13.521a:auth_bend_response_fail_action called
Mar 12 16:19:42.262: dot1x_auth_bend Fa0/23: idle during state auth_bend_fail
Mar 12 16:19:42.262: @@@ dot1x_auth_bend Fa0/23: auth_bend_fail -> auth_bend_idle
Mar 12 16:19:42.262: dot1x-sm:Fa0/23:406c.8f13.521a:auth_bend_idle_enter called
Mar 12 16:19:42.262: dot1x-sm:Posting AUTH_FAIL on Client=2147268
Mar 12 16:19:42.262: dot1x_auth Fa0/23: during state auth_authenticating, got event 16(authFail)
Mar 12 16:19:42.262: @@@ dot1x_auth Fa0/23: auth_authenticating -> auth_authc_result
Mar 12 16:19:42.262: dot1x-sm:Fa0/23:406c.8f13.521a:auth_authenticating_exit called
Mar 12 16:19:42.262: dot1x-sm:Fa0/23:406c.8f13.521a:auth_authc_result_enter called
Mar 12 16:19:42.262: dot1x-sm:Posting AUTHC_FAIL on Client=2147268
Mar 12 16:19:42.262: dot1x_auth Fa0/23: during state auth_authc_result, got event 24(authcFail)
Mar 12 16:19:42.262: @@@ dot1x_auth Fa0/23: auth_authc_result -> auth_held
Mar 12 16:19:42.262: dot1x-sm:Fa0/23:406c.8f13.521a:auth_held_enter called
Mar 12 16:19:42.262: dot1x-ev:dot1x_switch_authz_fail: Called for FastEthernet0/23 and 406c.8f13.521a
Mar 12 16:19:42.262: dot1x-ev:dot1x_switch_port_unauthorized: Unauthorizing interface FastEthernet0/23
Mar 12 16:19:42.262: dot1x-ev:dot1x_switch_is_dot1x_forwarding_enabled: Forwarding is disabled on Fa0/23
Mar 12 16:19:42.262: dot1x-ev:dot1x_switch_addr_remove: Did not locate HA entry for MAC 406c.8f13.521a on interface FastEthernet0/23
Mar 12 16:19:42.266: dot1x-ev:dot1x_vlan_assign_authz_fail on interface FastEthernet0/23
Mar 12 16:19:42.266: dot1x-packet:dot1x_mgr_send_eapol :EAP code: 0x4 id: 0x2 length: 0x0004 type: 0x0 data:
Mar 12 16:19:42.266: dot1x-ev:FastEthernet0/23:Sending EAPOL packet to group PAE address
Mar 12 16:19:42.266: dot1x-ev:dot1x_mgr_pre_process_eapol_pak: Role determination not required on FastEthernet0/23.
Mar 12 16:19:42.266: dot1x-registry:registry:dot1x_ether_macaddr called
Mar 12 16:19:42.266: dot1x-ev:dot1x_mgr_send_eapol: Sending out EAPOL packet on FastEthernet0/23
Mar 12 16:19:42.266: EAPOL pak dump Tx
Mar 12 16:19:42.266: EAPOL Version: 0x2 type: 0x0 length: 0x0004
Mar 12 16:19:42.266: EAP code: 0x4 id: 0x2 length: 0x0004
Mar 12 16:19:42.266: dot1x-packet:dot1x_txReq: EAPOL packet sent to client (406c.8f13.521a)
Mar 12 16:19:43.074: %LINK-3-UPDOWN: Interface FastEthernet0/23, changed state to up
Mar 12 16:19:47.478: dot1x-ev:dot1x_mgr_pre_process_eapol_pak: Role determination not required on FastEthernet0/23.
Mar 12 16:19:47.478: dot1x-packet:dot1x_mgr_process_eapol_pak: queuing an EAPOL pkt on Authenticator Q
Mar 12 16:19:47.478: dot1x-ev:Enqueued the eapol packet to the global authenticator queue
Mar 12 16:19:47.482: EAPOL pak dump rx
Mar 12 16:19:47.482: EAPOL Version: 0x1 type: 0x1 length: 0x0000
Mar 12 16:19:47.482: dot1x-ev:
dot1x_auth_queue_event: Int Fa0/23 CODE= 0,TYPE= 0,LEN= 0
Mar 12 16:19:47.482: dot1x-packet:Received an EAPOL frame on interface FastEthernet0/23
Mar 12 16:19:47.482: dot1x-ev:Received pkt saddr =406c.8f13.521a , daddr = 0180.c200.0003,
pae-ether-type = 888e.0101.0000
Mar 12 16:19:47.482: dot1x-ev:dot1x_auth_process_eapol: EAPOL flag status of the port Fa0/23 is TRUE
Mar 12 16:19:47.482: dot1x-packet:Received an EAPOL-Start packet on interface FastEthernet0/23
Mar 12 16:19:47.482: EAPOL pak dump rx
Mar 12 16:19:47.482: EAPOL Version: 0x1 type: 0x1 length: 0x0000
Mar 12 16:19:47.482: dot1x-sm:Posting EAPOL_START on Client=2147268
Mar 12 16:19:47.482: dot1x_auth Fa0/23: during state auth_held, got event 4(eapolStart) (ignored)
Mar 12 16:19:51.278: dot1x-ev:dot1x_mgr_pre_process_eapol_pak: Role determination not required on FastEthernet0/23.
Mar 12 16:19:51.278: dot1x-packet:dot1x_mgr_process_eapol_pak: queuing an EAPOL pkt on Authenticator Q
Mar 12 16:19:51.278: dot1x-ev:Enqueued the eapol packet to the global authenticator queue
Mar 12 16:19:51.278: EAPOL pak dump rx
Mar 12 16:19:51.278: EAPOL Version: 0x1 type: 0x1 length: 0x0000
Mar 12 16:19:51.278: dot1x-ev:
dot1x_auth_queue_event: Int Fa0/23 CODE= 0,TYPE= 0,LEN= 0
Mar 12 16:19:51.278: dot1x-packet:Received an EAPOL frame on interface FastEthernet0/23
Mar 12 16:19:51.278: dot1x-ev:Received pkt saddr =406c.8f13.521a , daddr = 0180.c200.0003,
pae-ether-type = 888e.0101.0000
Mar 12 16:19:51.278: dot1x-ev:dot1x_auth_process_eapol: EAPOL flag status of the port Fa0/23 is TRUE
Mar 12 16:19:51.278: dot1x-packet:Received an EAPOL-Start packet on interface FastEthernet0/23
Mar 12 16:19:51.278: EAPOL pak dump rx
Mar 12 16:19:51.282: EAPOL Version: 0x1 type: 0x1 length: 0x0000
Mar 12 16:19:51.282: dot1x-sm:Posting EAPOL_START on Client=2147268
Mar 12 16:19:51.282: dot1x_auth Fa0/23: during state auth_held, got event 4(eapolStart) (ignored)
Mar 12 16:20:10.878: dot1x-registry:dot1x_switch_port_physical_linkchange invoked on interface Fa0/23
Mar 12 16:20:10.878: dot1x-ev:
dot1x_switch_sb_vp_errdisable_set: setting Fa0/23 domain 1 to errdisabled
Mar 12 16:20:10.882: dot1x-ev:
dot1x_switch_sb_vp_errdisable_set: setting Fa0/23 domain 2 to errdisabled
Mar 12 16:20:10.882: dot1x-ev:dot1x_mgr_if_state_change: FastEthernet0/23 has changed to DOWN
Mar 12 16:20:10.882: dot1x-ev:Cleared all authenticator instances on FastEthernet0/23
Mar 12 16:20:10.882: dot1x-ev:dot1x_switch_port_unauthorized: Unauthorizing interface FastEthernet0/23
Mar 12 16:20:10.882: dot1x-ev:dot1x_switch_is_dot1x_forwarding_enabled: Forwarding is disabled on Fa0/23
Mar 12 16:20:10.882: dot1x-ev:dot1x_switch_addr_remove: Did not locate HA entry for MAC 406c.8f13.521a on interface FastEthernet0/23
Mar 12 16:20:10.882: dot1x-ev:dot1x_vlan_assign_client_deleted for 406c.8f13.521a on interface FastEthernet0/23
Mar 12 16:20:10.882: dot1x-ev:dot1x_vlan_assign_client_deleted: Ignoring client 406c.8f13.521a on FastEthernet0/23, domain is data
Mar 12 16:20:12.878: %LINK-3-UPDOWN: Interface FastEthernet0/23, changed state to down
Mar 12 16:20:13.966: dot1x-registry:dot1x_switch_port_linkcomingup invoked on interface Fa0/3
Mar 12 16:20:13.966: dot1x-registry:** dot1x_switch_vp_statechange:
Mar 12 16:20:13.966: dot1x-ev:ignored vlan 810 vp is added on interface FastEthernet0/3
Mar 12 16:20:13.966: dot1x-ev:dot1x_switch_is_dot1x_forwarding_enabled: Forwarding is disabled on Fa0/3
Mar 12 16:20:13.966: dot1x-ev:dot1x_switch_is_dot1x_forwarding_enabled: Forwarding is disabled on Fa0/3
Mar 12 16:20:14.974: dot1x-ev:dot1x_mgr_pre_process_eapol_pak: Role determination not required on FastEthernet0/3.
Mar 12 16:20:14.978: dot1x-packet:dot1x_mgr_process_eapol_pak: queuing an EAPOL pkt on Authenticator Q
Mar 12 16:20:14.978: dot1x-ev:Enqueued the eapol packet to the global authenticator queue
Mar 12 16:20:14.978: EAPOL pak dump rx
Mar 12 16:20:14.978: EAPOL Version: 0x1 type: 0x1 length: 0x0000
Mar 12 16:20:14.978: dot1x-ev:
dot1x_auth_queue_event: Int Fa0/3 CODE= 0,TYPE= 0,LEN= 0
Mar 12 16:20:14.978: dot1x-ev:Dot1x Packets are not expected oninterface FastEthernet0/3, no Dot1x subblock found
Mar 12 16:20:15.962: %LINK-3-UPDOWN: Interface FastEthernet0/3, changed state to up
Mar 12 16:20:16.962: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to up
Mar 12 16:20:44.974: dot1x-ev:dot1x_mgr_pre_process_eapol_pak: Role determination not required on FastEthernet0/3.
Mar 12 16:20:44.974: dot1x-packet:dot1x_mgr_process_eapol_pak: queuing an EAPOL pkt on Authenticator Q
Mar 12 16:20:44.974: dot1x-ev:Enqueued the eapol packet to the global authenticator queue
Mar 12 16:20:44.974: EAPOL pak dump rx
Mar 12 16:20:44.974: EAPOL Version: 0x1 type: 0x1 length: 0x0000
Mar 12 16:20:44.974: dot1x-ev:
dot1x_auth_queue_event: Int Fa0/3 CODE= 0,TYPE= 0,LEN= 0
Mar 12 16:20:44.974: dot1x-ev:Dot1x Packets are not expected oninterface FastEthernet0/3, no Dot1x subblock found
Mar 12 16:21:14.974: dot1x-ev:dot1x_mgr_pre_process_eapol_pak: Role determination not required on FastEthernet0/3.
Mar 12 16:21:14.974: dot1x-packet:dot1x_mgr_process_eapol_pak: queuing an EAPOL pkt on Authenticator Q
Mar 12 16:21:14.974: dot1x-ev:Enqueued the eapol packet to the global authenticator queue
Mar 12 16:21:14.974: EAPOL pak dump rx
Mar 12 16:21:14.974: EAPOL Version: 0x1 type: 0x1 length: 0x0000
Mar 12 16:21:14.974: dot1x-ev:
dot1x_auth_queue_event: Int Fa0/3 CODE= 0,TYPE= 0,LEN= 0
Mar 12 16:21:14.974: dot1x-ev:Dot1x Packets are not expected oninterface FastEthernet0/3, no Dot1x subblock foundMarMar
aaa new-model
aaa authentication login RAD-AUTH group radius local
aaa authentication dot1x default group radius
aaa authorization network default group radius
aaa session-id common
dot1x system-auth-control
dot1x guest-vlan supplicant
interface FastEthernet0/23
switchport mode access
dot1x pae authenticator
dot1x port-control auto
dot1x violation-mode protect
end
any ideas on the fails?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: