Showing results for 
Search instead for 
Did you mean: 

Who Me Too'd this topic

dot1x - "clear authentication session" - question and reflections

Hi all,


I'm a little bit concerned/intrigued regarding the command "clear authentication sess"

Im using it a lot when testing 802.1x on ISE deployment and haven't noticed before one important thing. It doesn't triger EAPoL-START from the swtich when MAB was used as a fallback! Is it right? can someone confirm it?

when endpoint is authenticated using 8021.x then "clear auth" triggers EAPoL-START as supposed to.

when endpoint is authenticated by MAB - then nothing.


when for some reasons supplicant is not working right on the end client, and we are working on fixing it but it is seen as MAB (for example with CWA) then the only way to make it work is SHUT/NO SHUT the port


In my opinion after clearing the session the switch should send this frame nevertheless without any implacation whether it is going to authenticate by MAB or 802.1x


What do u think?




Who Me Too'd this topic