Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3798
Views
0
Helpful
3
Replies

802.1x problem - 'timeout' from 'dot1x'

CSCO11448607
Level 1
Level 1

‎06-04-2013 05:19 AM - edited ‎03-10-2019 08:30 PM

Hello.

Sorry for my bad english.

Environment

supplicant: Windows 7 x86_64 with computer certificate

authenticator: catalyst c2960s ios 150-2.SE2

authentication server:  2x - Windows server 2012 NPS

authentication method: EAP-TLS

Switch configuration

interface GigabitEthernet1/0/11

description 5-13-2

switchport access vlan 340

switchport mode access

ip arp inspection limit rate 100

authentication control-direction in

authentication event server dead action authorize vlan 340

authentication port-control auto

authentication violation restrict

dot1x pae authenticator

dot1x max-req 3

dot1x max-reauth-req 3

no cdp enable

spanning-tree portfast

spanning-tree bpduguard enable

ip dhcp snooping limit rate 100

!

Problem

Оccasionally when computer is turned on, the authentication fails.

After disable/enable network interface on the computer (or after reboot computer), the authentication successful.

Log messages:

Jun  4 08:13:37 10.13.90.2 62971: gmt-sw-phd-01: Jun  4 2013 04:13:37.470 UTC: %DOT1X-5-FAIL: Authentication failed for client (80c1.6eef.c2e4) on Interface Gi1/0/12 AuditSessionID 0A0D5A02000027E85FC6C57D

Jun  4 08:13:38 10.13.90.2 62972: gmt-sw-phd-01: Jun  4 2013 04:13:37.470 UTC: %AUTHMGR-7-RESULT: Authentication result 'timeout' from 'dot1x' for client (80c1.6eef.c2e4) on Interface Gi1/0/12 AuditSessionID 0A0D5A02000027E85FC6C57D

What do I need do to solve this problem?

Thank you.

1 person had this problem
Labels:
0 Helpful
3 Replies 3

cweatherford
Level 1
Level 1

‎06-04-2013 07:56 AM

I have started having issues with my 2960's and 802.1x as well. I am running IOS 12.2(52)SE. Sometimes a reboot or port restart works but lately that has stopped working. We are using the AnyConnect client as our supplicant with user/password to ACS 4.2 server for Windows.

Any help would be awesome!

0 Helpful

CSCO11448607
Level 1
Level 1
In response to manjeets

‎07-19-2013 03:56 AM

Thank you.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents