Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2672
Views
0
Helpful
5
Replies

Auth error on Port AUTH-ERROR auth_mgr_swsb

dirar
Level 1
Level 1

‎06-10-2020 03:17 AM

Hello,

 

I am getting the below Auth Error:

AUTH-ERROR: [Gi1/0/24] auth_mgr_swsb missing, Unable to get int policy configured status

 

Interface config:

 

interface GigabitEthernet1/0/24
switchport access vlan 3

switchport mode access
!

 

Interface is connected to an Access point. Access point is working without known issues.

 

I have configured radius auth with windows using the below commands:

aaa new-model
!
!
aaa group server radius RSERVER
server-private 192.168.0.2 auth-port 1812 acct-port 1813 key 7 PASS

server-private 192.168.0.3 auth-port 1812 acct-port 1813 key 7 PASS
!
aaa authentication dot1x default group RSERVER


dot1x system-auth-control

 

 

Any Ideas?

 

Thank you

 

Labels:
0 Helpful
5 Replies 5

Anurag Sharma
Cisco Employee
Cisco Employee

‎06-10-2020 04:42 AM

Hi @dirar ,

Do you want to configure authentication on the port 1/0/24?

Coz, at the moment, there are no authentication commands configured. If you do 'show auth session inter Gi1/0/24 detail', what do you see?

Hope that helps!
Please 'RATE' and 'MARK ACCEPTED', if applicable.
0 Helpful

dirar
Level 1
Level 1
In response to Anurag Sharma

‎06-10-2020 06:09 AM

Actually no, the port 24 has no authentication but I keep getting the strange error I mentioned before

0 Helpful

poongarg
Cisco Employee
Cisco Employee
In response to dirar

‎06-10-2020 06:32 AM

These logs are seen when you have authentication enabled globally on your device and the authentication manager is not able to validate the authentication policies or configuration from those interfaces. This can be because those interfaces are not configured to perform authentication.

These logs don't interfere on the authentication process and just indicate that the authentication manager is unable to retrieve the authentication configuration from the interfaces listed on the logs.

The ports configured to perform Dot1x authentication should be working normally and should be able to process Dot1x requests as normal.
0 Helpful

dirar
Level 1
Level 1
In response to poongarg

‎06-10-2020 01:27 PM

Thank you for your answer. So to add in the interface:

 

dot1x port-control auto

or

authentication port-control auto

 

0 Helpful

poongarg
Cisco Employee
Cisco Employee
In response to dirar

‎06-10-2020 06:46 PM

It depends upon your switch SW version.

Cisco IOS Release 12.2(46)SE and earlier- "dot1x port-control auto"

Cisco IOS Release 12.2(50)SE or later- "authentication port-control auto"

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents