I have a 2811 and a newer model 16 port switch with a 10/100/100 ge uplink port. On previous models the switch (PoE) did not have an uplink port and the command set integrated directly into the router's CLI. WIth this newer version, you actually have to session into the switch to gain access to switch level commands (no big deal, just providing context).
I currently use dot1x authentication on these devices. On the previous setup, the router with the added switch commands, would save the dot1x information in the running config in a small table. Occasionally a computer wound fail to send an EAP message or the switch would fail to receive the EAP message to remove the entry from this small table. The table would be in the following format:
When the EAP logoff message failure occurred, no other device on that port and vlan would be able to work until you manually removed that entry from the table by doing:
no mac-address-table static 0000.0000.0000 interface FastEthernet1/1 vlan <vlanid>
You run this from config mode.
My problem is, under the newer switch module, you are now required to session into it to modify the switch config instead of it being integrated into the router's CLI. That being said, I expected to find the mac-addres-table listing for dot1x port security there, however it does not exist. If I have a device that fails to send the EAP logoff message (for whatever reason) were do I find this table I am used to working with? Does it still exist? If it doesn't is my only recourse to reboot the router? Rebooting the router seems like using dynamite to fish. Any ideas?
Thanks in advance. Please let me know if you need any clarification.
When we said the word “hybrid” in the past, it usually recalled the image of a new variety of plant or maybe an electric car. These days, it applies to the workplace too.
The future of work isn’t “changing” to a h...
Thanks for attending our Ask the Experts (ATXs) session! Here’s the post-session resources for easy reference.
New to ATXs? An ATXs session, offered at no cost, is an hour of real-time learning led by Cisco experts, who will answer your technology q...
Cisco Secure Endpoint
New packages fit for every organization
Every Cisco Secure Endpoint (formerly AMP for Endpoints) package comes with Cisco SecureX built-in. It’s our cloud-native platform that integrates all your security solutions into one view wit...
Our Cisco experts and guests chat about how the integration of Cisco Secure Firewall + Secure Workload is securely accelerating application delivery by allowing NetOps to start running at DevOps speed, and what that means for business success.