In our network we use dot1x authentication to authenticatie devices to the network. When devices are authenticated they get the right vlan assignment. When this fails they will get the guest vlan assigned. Lately we see a lot of pc's that cannot login on the network because they are not authenticated right. When i check the interface authentication process the dot1x service status is stopped:
sh access-session interface gi1/0/12 details Interface: GigabitEthernet1/0/12 IIF-ID: 0x101430000001656 MAC Address: 8cdc.d436.a930 IPv6 Address: Unknown IPv4 Address: 10.212.12.13 User-Name: 8cdcd436a930 Status: Authorized Domain: DATA Oper host mode: multi-domain Oper control dir: both Session timeout: N/A Common Session ID: 0AD40D05000154A4725862FE Acct Session ID: 0x0001F08F Handle: 0x14000CA6 Current Policy: POLICY_Gi1/0/1
Local Policies: Service Template: GUEST_VLAN_Gi1/0/1 (priority 150) Vlan Group: Vlan: 12
Method status list: Method State dot1x Stopped mab Stopped
We use Windows NPS as radius server. Checking the event viewer on this server i don't see any request from this pc.
I am figuring out why the dot1x method stopped. Is this an issue on the switch or on the client? Or does the NPS server not respond?