01-14-2020 04:31 AM
Hello Experts,
I am seeing this behavior with my test lab, when endpoint connects, it authenticates via dot1x, goes through posture, and reported as compliant. Its also gets the final access, which is a VLAN change to the production VLAN.
But, soon in a few seconds, the same endpoint again authenticates via MAB and gets access via MAB.
I am not sure how this happening and seems that this issue only happens when my endpoints is behind a IP phone (Avaya).
This keeps happening in a loop.
I am using this following interface configuration:
interface FastEthernet0/1
switchport access vlan 142
switchport mode access
switchport voice vlan 141
no cdp enable
authentication event fail action next-method
authentication event server dead action authorize vlan 100
authentication event server dead action authorize voice
authentication event server alive action reinitialize
authentication host-mode multi-host
authentication order dot1x mab webauth
authentication priority dot1x mab webauth
authentication port-control auto
authentication periodic
authentication timer inactivity 15
mab
no snmp trap link-status
dot1x pae authenticator
dot1x timeout tx-period 15
spanning-tree portfast edge
spanning-tree bpduguard enable
Is there anything that I missing or have added extra for this interface configuration?
Solved! Go to Solution.
01-14-2020 05:28 AM
01-14-2020 05:28 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide