802.1x shutdown behaviour

tedauction
Level 1

Hello, I have 802.1x configured as follows:

Yesterday we had about 15 PCs generate 'err-disable' on the 802.1x switchports.

I suspect this was due to the PCs' Dell docking stations having had a firmware upgrade.

My theory is that this caused the docking stations to send their MAC address to the switchport. The switchport saw this unrecognised third MAC address on the port and thus shut down the port with err-disable.

Does this sound feasible to you - and if so, would changing the command 'authentication violation restrict' to 'authentication violation replace' prevent the port from 'err-disabling'?

switchport access vlan 10
switchport mode access
switchport voice vlan 110
ip flow monitor NETFLOW-TRAFFIC input
authentication event fail action next-method
authentication event server dead action authorize vlan 10
authentication event server dead action authorize voice
authentication host-mode multi-domain
authentication order mab dot1x
authentication priority dot1x mab
authentication violation restrict
mab
dot1x pae authenticator
dot1x timeout tx-period 10
spanning-tree portfast
end

Thank you.

1 Reply

balaji.bandi
Hall of Fame

What is the reason for the error disable - is MAB authentication first? How about considering error-disabled recovery in a global command?

BB
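
One way to check the theory in the question against the switch's syslog, as an added example that is not part of the original thread: it groups security-violation and err-disable messages by port, records the stated err-disable cause, and reports MAC vendor prefixes (OUIs) that triggered violations on more than one port. The log lines and MAC addresses are constructed, and the message layouts are an assumption about the platform's output.

```python
import re
from collections import defaultdict

# Constructed sample lines (not from the thread). The layouts are assumed to
# match the switch's syslog; adjust the patterns if your platform differs.
SAMPLE_LOG = """\
Mar  3 09:14:02 sw1 %AUTHMGR-5-SECURITY_VIOLATION: Security violation on the interface GigabitEthernet1/0/7, new MAC address (0200.5e10.1a2b) is seen.
Mar  3 09:14:02 sw1 %PM-4-ERR_DISABLE: security-violation error detected on Gi1/0/7, putting Gi1/0/7 in err-disable state
Mar  3 09:15:40 sw1 %AUTHMGR-5-SECURITY_VIOLATION: Security violation on the interface GigabitEthernet1/0/9, new MAC address (0200.5e10.77c1) is seen.
Mar  3 09:15:40 sw1 %PM-4-ERR_DISABLE: security-violation error detected on Gi1/0/9, putting Gi1/0/9 in err-disable state
Mar  3 09:20:11 sw1 %PM-4-ERR_DISABLE: bpduguard error detected on Gi1/0/12, putting Gi1/0/12 in err-disable state
"""

VIOLATION = re.compile(
    r"%\w+-5-SECURITY_VIOLATION: Security violation on the interface (\S+), "
    r"new MAC address \(([0-9a-f.]+)\)", re.I)
ERRDIS = re.compile(r"%PM-4-ERR_DISABLE: (\S+) error detected on (\S+),")

def short_if(name):
    """Normalize 'GigabitEthernet1/0/7' and 'Gi1/0/7' to the same key."""
    m = re.match(r"([A-Za-z]+)([\d/]+)", name)
    return m.group(1)[:2] + m.group(2) if m else name

def summarize(log):
    """Per port: MACs that triggered a violation and the err-disable cause."""
    ports = defaultdict(lambda: {"macs": set(), "cause": None})
    for line in log.splitlines():
        if m := VIOLATION.search(line):
            ports[short_if(m.group(1))]["macs"].add(m.group(2).lower())
        elif m := ERRDIS.search(line):
            ports[short_if(m.group(2))]["cause"] = m.group(1)
    return dict(ports)

def shared_ouis(summary):
    """OUIs (first 3 bytes) of violating MACs seen on more than one port."""
    ports_by_oui = defaultdict(set)
    for port, info in summary.items():
        for mac in info["macs"]:
            ports_by_oui[mac.replace(".", "")[:6]].add(port)
    return {oui: sorted(p) for oui, p in ports_by_oui.items() if len(p) > 1}

if __name__ == "__main__":
    summary = summarize(SAMPLE_LOG)
    for port, info in sorted(summary.items()):
        print(port, "cause:", info["cause"], "new MACs:", sorted(info["macs"]))
    print("OUIs on multiple ports:", shared_ouis(summary))
```

A single OUI recurring across the affected ports is consistent with one device model introducing the extra MAC address; ports whose cause is not `security-violation` need a different explanation.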
