08-22-2012 06:31 AM
Hi All,
We are getting contineous logs on the switch as below
7313BD1F1
Aug 22 18:58:50.802 IST: %AUTHMGR-5-SUCCESS: Authorization succeeded for client (0013.7288.09a9) on Interface Fa5/36 AuditSessionID 3A02251100004F0D2CBF2363
Aug 22 18:59:49.685 IST: %DOT1X-5-SUCCESS: Authentication successful for client (d4be.d9c7.2a6c) on Interface Fa2/24 AuditSessionID 3A02251100004FB131C92D95
the port config is as below
switchport access vlan 5
switchport mode access
switchport voice vlan 303
switchport port-security maximum 4
switchport port-security
switchport port-security aging time 1
authentication event no-response action authorize vlan 5
authentication port-control auto
no snmp trap link-status
dot1x pae authenticator
storm-control broadcast level 0.17
no cdp enable
spanning-tree portfast
spanning-tree bpdufilter enable
spanning-tree bpduguard enable
Can somebody help to stop the above logs.
Thanks
09-18-2013 05:48 PM
As per your Interface configuration goes, port-security aging-time is set to 1 minute with aging-type as Absolute (default).
This means after every 1 minute, the MAC address learnt on the access vlan will be aged out.
Hence when the subsequent frame from the devices is received, it is learnt once again.
For dot1x mechanism this indicates the presence of a new device and it triggers dot1x authentication once again.
This is why your end devices are re-authenticated once in every 1 minute.
To resolve this, either remove aging-time or increase it to large optimal value or change the aging-type to inactivity.
Incase of aging-type set to inactivity, if the connected end device remains idle for the duration of aging-time, learnt MAC address will be aged out and you can expect the same behaviour mentioned above
09-18-2013 10:12 PM
To get rid of that useless types of syslog messages, you could configure a logging discriminator.
A simple example:
logging discriminator DOT1X mnemonics drops SUCCESS
logging buffered discriminator DOT1X
logging console discriminator DOT1X
(...)
HTH
Rolf
P.S.: The format of syslog-messages is %
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide