Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
621
Views
5
Helpful
4
Replies

9200 switch constanty change vlan

OstemETIC
Level 1
Level 1

‎07-28-2022 04:01 AM 

Hi. Maybe the community will help. I have stacked 9200 switches (C9200L-48P-4X, sw version 17.06.03). Two devices are connected to the port - a voip grandstream phone working with PoE, and a computer (via the built-in bridge). The problem is that the connected grandsream phone keeps changing vlan. Once it is in data vlan, sometimes in Voice. This causes about 2% packet loss. During this time, the computer does not lose its connection. On a different switch model with the same phone model, I do not observe such an error. There is not fully functional authentication, but #authentication open shuld not couse that kind of problem. Have You any suggestion, where could i find a solution ?
 
Labels:
4 Replies 4

marce1000
VIP
VIP

‎07-28-2022 04:51 AM

 

                 - Check logs on the switch when that happens and or post the port-configuration.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

OstemETIC
Level 1
Level 1

‎07-28-2022 05:15 AM

Thanks for reply
Logs give information about failed authentication in 802.1x. But i think that is just an effect, not cause

"Jul 28 11:48:42 switch ip : %DOT1X-5-FAIL: Switch 1 R0/0: sessmgrd: Authentication failed for client (000b.82ba.175f) with reason (No Response from Client) on Interface Gi3/0/22 AuditSessionID 1E66A8C000376DA84434DFBC
Jul 28 11:49:42 switch ip : %DOT1X-5-FAIL: Switch 1 R0/0: sessmgrd: Authentication failed for client (000b.82ba.175f) with reason (No Response from Client) on Interface Gi3/0/22 AuditSessionID 1E66A8C000376E054435CC40
Jul 28 11:50:42 switch ip : %DOT1X-5-FAIL: Switch 1 R0/0: sessmgrd: Authentication failed for client (000b.82ba.175f) with reason (No Response from Client) on Interface Gi3/0/22 AuditSessionID 1E66A8C000376E6D4436B4AC
Jul 28 11:51:42 switch ip : %DOT1X-5-FAIL: Switch 1 R0/0: sessmgrd: Authentication failed for client (000b.82ba.175f) with reason (No Response from Client) on Interface Gi3/0/22 AuditSessionID 1E66A8C000376ECF44379E54
Jul 28 11:52:42 switch ip : %DOT1X-5-FAIL: Switch 1 R0/0: sessmgrd: Authentication failed for client (000b.82ba.175f) with reason (No Response from Client) on Interface Gi3/0/22 AuditSessionID 1E66A8C000376F2844388B28
Jul 28 11:53:42 switch ip : %DOT1X-5-FAIL: Switch 1 R0/0: sessmgrd: Authentication failed for client (000b.82ba.175f) with reason (No Response from Client) on Interface Gi3/0/22 AuditSessionID 1E66A8C000376F8B44397490
Jul 28 11:54:50 switch ip : %DOT1X-5-FAIL: Switch 1 R0/0: sessmgrd: Authentication failed for client (000b.82ba.175f) with reason (No Response from Client) on Interface Gi3/0/22 AuditSessionID 1E66A8C000376FF2443A7EB8
Jul 28 11:55:49 switch ip : %DOT1X-5-FAIL: Switch 1 R0/0: sessmgrd: Authentication failed for client (000b.82ba.175f) with reason (No Response from Client) on Interface Gi3/0/22 AuditSessionID 1E66A8C00037704F443B6658
Jul 28 11:56:49 switch ip : %DOT1X-5-FAIL: Switch 1 R0/0: sessmgrd: Authentication failed for client (000b.82ba.175f) with reason (No Response from Client) on Interface Gi3/0/22 AuditSessionID 1E66A8C0003770AF443C4D18
Jul 28 11:58:55 switch ip : %DOT1X-5-FAIL: Switch 1 R0/0: sessmgrd: Authentication failed for client (000b.82ba.175f) with reason (No Response from Client) on Interface Gi3/0/22 AuditSessionID 1E66A8C000377179443E3AB0
Jul 28 12:00:22 switch ip : %DOT1X-5-FAIL: Switch 1 R0/0: sessmgrd: Authentication failed for client (000b.82ba.175f) with reason (No Response from Client) on Interface Gi3/0/22 AuditSessionID 1E66A8C000377213443F90D0
Jul 28 12:01:52 switch ip : %DOT1X-5-FAIL: Switch 1 R0/0: sessmgrd: Authentication failed for client (000b.82ba.175f) with reason (No Response from Client) on Interface Gi3/0/22 AuditSessionID 1E66A8C00037729A4440EE84

"


Port configuration:
interface GigabitEthernet3/0/22
switchport access vlan xxx
switchport mode access
switchport block unicast
switchport voice vlan xxx
switchport port-security maximum 10
switchport port-security aging time 1
ip arp inspection limit rate 1022
authentication event fail action next-method
authentication host-mode multi-auth
authentication open
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
authentication timer inactivity 30
authentication violation restrict
mab
dot1x pae authenticator
dot1x timeout tx-period 10
spanning-tree portfast
spanning-tree guard loop
end

0 Helpful

marce1000
VIP
VIP
In response to OstemETIC

‎07-28-2022 05:27 AM

 

  >...%DOT1X-5-FAIL: Switch 1 R0/0: sessmgrd: Authentication failed for client (000b.82ba.175f) with reason (No Response from Client) on Interface Gi3/0/22 AuditSessionID 1E66A8C00037704F443B6658

  Well at least the phone does not get authenticated on the network (or doesn't have  a supplicant), so it's network access is not fully open , hence the vlan swapping because it can not get in the correct vlan. You need to look into that.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

MHM Cisco World
VIP
VIP

‎07-28-2022 07:20 AM - edited ‎07-28-2022 07:21 AM

instead of

authentication host-mode multi-auth

try in one port 

authentication host-mode multi-domain

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card