12-01-2019 07:27 PM
We currently have an issue: when our edge switch reboots, the authentication sessions on the switch come back with an "UNKNOWN" domain.
The AAA server is marked as "alive", but these auth sessions stay in an "UNKNOWN" domain and fail authentication.
Shouldn't these ports "reinitialize" when the AAA server becomes reachable again?
12-05-2019 03:33 PM
It may be possible that since this is due to a switch reload rather than an AAA-down scenario, the reinitialization is not being triggered. It has been a while, but I recall suggesting to recycle the interface (shut/no shut) after such an incident to get the authentication working, which can be scripted via a management tool.
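The scripted interface recycle suggested above could look like the following. This is an added example, not code from the thread: the `show authentication sessions` output is a constructed sample, its column layout is an assumption, and the function names are hypothetical.

```python
import re

# Constructed sample of "show authentication sessions" output (not from the thread).
SAMPLE_OUTPUT = """\
Interface  MAC Address     Method   Domain   Status         Session ID
Gi1/0/1    0011.2233.4455  dot1x    DATA     Authz Success  0A0A0A0A0000000C0005A1B2
Gi1/0/2    0011.2233.4466  mab      UNKNOWN  Authz Failed   0A0A0A0A0000000D0005A1C3
Gi1/0/3    0011.2233.4477  dot1x    VOICE    Authz Success  0A0A0A0A0000000E0005A1D4
Gi1/0/4    0011.2233.4488  dot1x    UNKNOWN  Authz Failed   0A0A0A0A0000000F0005A1E5
Gi1/0/4    0011.2233.4499  mab      UNKNOWN  Authz Failed   0A0A0A0A000000100005A1F6
"""

# Assumed column order: interface, MAC, method, domain. The header row is
# skipped automatically because "MAC" does not match the MAC address pattern.
ROW = re.compile(
    r"^(?P<intf>\S+)\s+"
    r"(?P<mac>[0-9a-fA-F]{4}\.[0-9a-fA-F]{4}\.[0-9a-fA-F]{4})\s+"
    r"(?P<method>\S+)\s+(?P<domain>\S+)\s+"
)

def unknown_domain_ports(show_output):
    """Return interfaces that have at least one session in the UNKNOWN domain."""
    ports = []
    for line in show_output.splitlines():
        m = ROW.match(line.strip())
        # startswith("UNKN") also covers an abbreviated domain column.
        if m and m.group("domain").upper().startswith("UNKN"):
            if m.group("intf") not in ports:
                ports.append(m.group("intf"))
    return ports

def bounce_commands(ports, protected=()):
    """Build the shut/no shut sequence, skipping ports that must never be bounced."""
    body = []
    for port in ports:
        if port in protected:  # e.g. uplinks, listed by the operator
            continue
        body += [f"interface {port}", " shutdown", " no shutdown"]
    return ["configure terminal", *body, "end"] if body else []

if __name__ == "__main__":
    print("\n".join(bounce_commands(unknown_domain_ports(SAMPLE_OUTPUT))))
```

The generated lines are only text; pushing them to the switch is left to whatever management tool is already in use.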
12-05-2019 03:53 PM
Hi,
Thanks for the reply, but even when the RADIUS server is marked down, the sessions on the switch ports fail into an authorized state with DOMAIN UNKNOWN. When the server becomes reachable again, the domain stays in the UNKNOWN state.
Is there a mechanism to re-initialise the ports without a shut/no shut? I would have thought the switch port config "alive action re-initialize" was enough?
12-05-2019 04:30 PM - edited 12-05-2019 04:31 PM
Try the following:
authentication event server dead action reinitialize vlan {ACCESS_VLAN}
authentication event server dead action authorize voice
02-05-2020 10:46 PM
Still an issue.
Ports are being marked in an UNKNOWN state when the RADIUS server is marked DEAD. Then, when the RADIUS server comes back online, the DOMAIN remains in the UNKNOWN state.