07-15-2018 01:23 PM - edited 03-08-2019 03:40 PM
Hello how would I convert the following 802.1x port configuration to only autenticate the MAB phone i.e. I don't want the PC to be subject to 802.1x.
Thank you kindly.
switchport access vlan 58
switchport mode access
switchport voice vlan 158
authentication event fail action next-method
authentication event server dead action authorize vlan 58
authentication event server dead action authorize voice
authentication host-mode multi-domain
authentication order mab dot1x
authentication priority dot1x mab
authentication port-control auto
authentication violation replace
mab
dot1x pae authenticator
dot1x timeout tx-period 10
07-15-2018 01:39 PM
Try authentication host-mode single-host mode ? and if not working show us the logs.
BB
07-15-2018 04:59 PM
Hello, it is still failing to authenticate the port.
I think I need to tell the port to only authenticate the voice VLAN ? Is that possible ?
Jul 16 11:47:45: %DOT1X-5-FAIL: Authentication failed for client (0023.ae19.2b89) on Interface Gi0/4 AuditSessionID
Jul 16 11:47:45: %AUTHMGR-7-RESULT: Authentication result 'no-response' from 'dot1x' for client (0023.ae19.2b89) on Interface Gi0/4 AuditSessionID C0A80844000000260DE011B1
Jul 16 11:47:45: %AUTHMGR-7-FAILOVER: Failing over from 'dot1x' for client (0023.ae19.2b89) on Interface Gi0/4 AuditSessionID C0A80844000000260DE011B1
Jul 16 11:47:45: %AUTHMGR-7-NOMOREMETHODS: Exhausted all authentication methods for client (0023.ae19.2b89) on Interface Gi0/4 AuditSessionID C0A80844000000260DE011B1
Jul 16 11:47:45: %AUTHMGR-5-FAIL: Authorization failed for client (0023.ae19.2b89) on Interface Gi0/4 AuditSessionID C0A80844000000260DE011B1
Jul 16 11:48:46: %AUTHMGR-5-START: Starting 'mab' for client (0023.ae19.2b89) on Interface Gi0/4 AuditSessionID C0A80844000000260DE011B1
Jul 16 11:48:46: %MAB-5-FAIL: Authentication failed for client (0023.ae19.2b89) on Interface Gi0/4 AuditSessionID C0A80844000000260DE011B1
Jul 16 11:48:46: %AUTHMGR-7-RESULT: Authentication result 'no-response' from 'mab' for client (0023.ae19.2b89) on Interface Gi0/4 AuditSessionID C0A80844000000260DE011B1
Jul 16 11:48:46: %AUTHMGR-7-FAILOVER: Failing over from 'mab' for client (0023.ae19.2b89) on Interface Gi0/4 AuditSessionID C0A80844000000260DE011B1
Jul 16 11:48:46: %AUTHMGR-5-START: Starting 'dot1x' for client (0023.ae19.2b89) on Interface Gi0/4 AuditSessionID C0A80844000000260DE011B1
Jul 16 11:49:17: %DOT1X-5-FAIL: Authentication failed for client (0023.ae19.2b89) on Interface Gi0/4 AuditSessionID
Jul 16 11:49:17: %AUTHMGR-7-RESULT: Authentication result 'no-response' from 'dot1x' for client (0023.ae19.2b89) on Interface Gi0/4 AuditSessionID C0A80844000000260DE011B1
Jul 16 11:49:17: %AUTHMGR-7-FAILOVER: Failing over from 'dot1x' for client (0023.ae19.2b89) on Interface Gi0/4 AuditSessionID C0A80844000000260DE011B1
Jul 16 11:49:17: %AUTHMGR-7-NOMOREMETHODS: Exhausted all authentication methods for client (0023.ae19.2b89) on Interface Gi0/4 AuditSessionID C0A80844000000260DE011B1
Jul 16 11:49:17: %AUTHMGR-5-FAIL: Authorization failed for client (0023.ae19.2b89) on Interface Gi0/4 AuditSessionID C0A80844000000260DE011B1
TWAKLTRANSW1(config-if)#do sh auth sess int gi 0/4
Interface: GigabitEthernet0/4
MAC Address: 0023.ae19.2b89
IP Address: Unknown
User-Name: 0023ae192b89
Status: Running
Domain: UNKNOWN
Security Policy: Should Secure
Security Status: Unsecure
Oper host mode: single-host
Oper control dir: both
Session timeout: N/A
Idle timeout: N/A
Common Session ID: C0A80844000000270DE60000
Acct Session ID: 0x0000039A
Handle: 0xDE000027
Runnable methods list:
Method State
mab Failed over
dot1x Running
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide