Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2677
Views
5
Helpful
3
Replies

802.1x Printer Timeout

SteveNext
Level 1
Level 1

‎07-09-2021 10:14 AM

I have configured 802.1x and MAB on my network with a 9200 switch and authentication is handled through ISE. All of this works fine and dandy however I have Xerox printers that go into full sleep mode after not being used for some time. As they go into this sleep mode, the traffic over the NIC goes idle and when the authentication timer runs out the device does not re-authenticate. As such, no one can print to the printer until someone manually wakes the printer up.

 

Short of disabling this sleep mode function on the printer, which we do not want to do, having another device send occasional pings to the, or changing the reauthenitcation period to a much longer time, is there any way to negate or keep the printer from losing this authentication?

Labels:
0 Helpful
3 Replies 3

marce1000
VIP
VIP

‎07-09-2021 11:59 PM

 

 - Check this thread : https://community.cisco.com/t5/network-access-control/mab-authentication-loses-connection-to-printer-after-days-weeks/td-p/4179318

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Octavian Szolga
Level 4
Level 4

‎07-14-2021 12:00 AM

Hi SteveNext,

 

Have you tried 'authentication control-direction in' on the printer port?

This would allow traffic from the network to the printer, so basically you will 'stimulate' the printer to wake from its sleep because of the print requests that users sent.

Another option would be to deactivate reauth timer. Why would you reauth a printer as long as only the printer is directly connected to that port? The port printer status UP keeps the session authenticated. Your auth session will be terminated when you reload/power off the printer or disconnect the cable.

 

Keep in mind that reauth/inactivity timer can be set locally on the switchport or dynamically sent from ISE.

I recommend setting the timer on ISE on a per authorization profile.

 

BR,

Octavian

 

 

 

0 Helpful

SteveNext
Level 1
Level 1
In response to Octavian Szolga

‎07-14-2021 07:52 AM

I can give the authentication control-direction in a try and see what happens.

 

The issue with the printers they go into a cold sleep mode and essentially when that happens the nic card is off. When that happens, the port doesn't re-authenticate because the switch doesn't see any traffic. This in turn does not allow users to print to the device until the device re-authenticates.

0 Helpful
Customers Also Viewed These Support Documents