Reinitialize Critical VLAN Fail

jsteffensen
Level 1

Hi everybody.

I have a setup, containing 2x ACS 5.3 Servers and a 2960 Switch running Version 12.2(55)EX2.

When the ACS servers go down, we authorize clients to the critical VLAN. This works just fine.

When the ACS servers come up again, the reinitialization of the clients does not use the authentication priority as configured on the port.

We are using MAB and Dot1x (in this order) but have dot1x with highest priority, and the clients are getting a valid authentication from both MAB and dot1x.

When the clients are reinitialized after the ACS server comes alive again, the switch uses MAB only, i.e. the first method in the order and not the first method in the priority.

Please find the Access Port configuration attached:

vlan 2
 name NIRVANA
!
vlan 1250
 name OFFICE
!
vlan 1750
 name STAGING
!
interface GigabitEthernet0/1
 description *** CLIENT 802.1x ***
 switchport access vlan 1750
 switchport mode access
 authentication control-direction in
 authentication event fail action authorize vlan 2
 authentication event server dead action authorize vlan 1250
 authentication event no-response action authorize vlan 2
 authentication event server alive action reinitialize
 authentication order mab dot1x
 authentication priority dot1x mab
 authentication port-control auto
 mab
 dot1x pae authenticator
 dot1x timeout quiet-period 10
 dot1x timeout supp-timeout 5
 spanning-tree portfast

Did anyone else experience similar limitations with the "server alive action"?

Best Regards

Jarle
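
An added example, not part of the original post and not Cisco tooling: a small Python check that scans IOS interface stanzas for the combination described in the post, namely `authentication event server alive action reinitialize` on a port whose `authentication order` and `authentication priority` start with different methods. The sample configuration is constructed from the posted port plus a hypothetical GigabitEthernet0/2, and the function names are assumptions.

```python
import re

# Constructed sample: the relevant lines of the posted port, plus a
# hypothetical second port whose order and priority agree.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 authentication event server alive action reinitialize
 authentication order mab dot1x
 authentication priority dot1x mab
!
interface GigabitEthernet0/2
 authentication event server alive action reinitialize
 authentication order dot1x mab
 authentication priority dot1x mab
!
"""

def parse_interfaces(config):
    """Map each interface name to the list of its (stripped) sub-commands."""
    ports, current = {}, None
    for raw in config.splitlines():
        m = re.match(r"interface\s+(\S+)", raw)
        if m:
            current = ports.setdefault(m.group(1), [])
        elif raw[:1].isspace() and current is not None:
            current.append(raw.strip())
        else:  # "!", blank line or a global command ends the stanza
            current = None
    return ports

def methods(cmds, keyword):
    """Return the method list of 'authentication <keyword> ...', or []."""
    for cmd in cmds:
        words = cmd.split()
        if words[:2] == ["authentication", keyword]:
            return words[2:]
    return []

def audit(config):
    """Ports that reinitialize on server-alive with order[0] != priority[0]."""
    findings = []
    for name, cmds in parse_interfaces(config).items():
        order, prio = methods(cmds, "order"), methods(cmds, "priority")
        reinit = "authentication event server alive action reinitialize" in cmds
        if reinit and order and prio and order[0] != prio[0]:
            findings.append((name, order[0], prio[0]))
    return findings
```

Running `audit()` over a saved running-config lists the ports to verify with `show authentication sessions` after a RADIUS outage, since those are the ones where the reported behavior would leave clients on the first method in the order.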
