We use an imaging solution called FOG. It is an open source software. Since I placed my switchports in dot1x FOG won't TFTP on boot anymore. I've tried everything I can think of. I have noticed that as soon as I remove the command MAB from my port configuration the TFTP takes off. This only happens on our 3750E switches. I have tried 12.2se55 and 15.0.2se4. Same thing on both sets of code.
Is the problem with FOG only? Can you run successful pings while FOG is in fail state?
Is it possible a DACL is being applied to the interface when MAB authentication happens?
Run a show ip access-list int
It appears to be. If I remove the command MAB while the TFTP is trying to communicate it takes right off. I have put a port level ACL that permits all traffic and it does not work, and I don't think dACL's are applied that early in the boot process. Running a show auth sess int show no applied ACL's.
You can play with
You can rely on