Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
531
Views
0
Helpful
0
Replies

c2960-x 802.1x mac auth fail vlan - not moved failed vlan

VenkatesanKa5299
Level 1
Level 1

‎07-27-2019 03:20 AM

HI,


Switch has configured to communicate Radius server to authenticate 8021.x and mac based device request. These have been successfully tested. But auth fail device not move to restricted vlan configured.


Switch Firmware:

* 1 28 WS-C2960X-24TD-L 15.2(4)E7 C2960X-UNIVERSALK9-M


Configuration

interface GigabitEthernet1/0/6

switchport mode access

authentication event fail action authorize vlan 200

authentication order dot1x mab

authentication priority dot1x mab

authentication port-control auto

authentication timer inactivity 50

mab

dot1x pae authenticator

dot1x timeout tx-period 10

dot1x max-reauth-req 1

spanning-tree portfast edge

spanning-tree bpduguard enable


Debug for authentication


Jul 26 12:47:50.089: AUTH-EVENT: [2cd4.448f.a153, Gi1/0/6] Client delete for 2cd4.448f.a153 (2).

Jul 26 12:47:50.089: AUTH-EVENT: [2cd4.448f.a153, Gi1/0/6] Queued 0x21000005 for deletion

Jul 26 12:47:50.092: AUTH-EVENT: Handling client event DELETE (20) for PRE, handle 0x21000005

Jul 26 12:47:50.092: AUTH-EVENT: [2cd4.448f.a153, Gi1/0/6] Policy event will be processed synchronously for 0x21000005

Jul 26 12:47:50.092: AUTH-EVENT: [2cd4.448f.a153, Gi1/0/6] Processing default action(s) for event DELETE for session 0x21000005.

Jul 26 12:47:50.092: AUTH-EVENT: [2cd4.448f.a153, Gi1/0/6] Handling internal event DELETE for handle (0x21000005)

Jul 26 12:47:50.092: AUTH-EVENT: [2cd4.448f.a153, Gi1/0/6] Processing SM CB request for 0x21000005: Event: Pre-Disconnect notification t

Jul 26 12:47:50.092: AUTH-EVENT: [2cd4.448f.a153, Gi1/0/6] Predisconnect notification - teardown complete for 0x21000005(2cd4.448f.a153)

Jul 26 12:47:50.092: AUTH-EVENT: [2cd4.448f.a153, Gi1/0/6] Session teardown completing, deleting context

Jul 26 12:47:50.092: AUTH-EVENT: [2cd4.448f.a153, Gi1/0/6] Stopped 'restart' timer for client 2cd4.448f.a153

Jul 26 12:47:50.092: AUTH-EVENT: [2cd4.448f.a153, Gi1/0/6] Signalling "pre" delete for client 2cd4.448f.a153 / 0x21000005

Jul 26 12:47:50.092: AUTH-SYNC: [2cd4.448f.a153, Gi1/0/6] Sync_data->reauth_on_sso = 0

Jul 26 12:47:50.092: AUTH-SYNC: [2cd4.448f.a153, Gi1/0/6] Syncing delete for context (2cd4.448f.a153) - method No method

Jul 26 12:47:50.092: AUTH-EVENT: [2cd4.448f.a153, Gi1/0/6] Deleted record - hdl 0x21000005. 0 session(s) remain on IDB.

Jul 26 12:47:50.092: AUTH-EVENT: [2cd4.448f.a153, Gi1/0/6] Processing SM CB request for 0x21000005: Event: Client disconnect notificatio

Jul 26 12:47:50.092: AUTH-EVENT: [Gi1/0/6] No MACs found

Jul 26 12:47:50.096: AUTH-EVENT: [Gi1/0/6] Client MAC count: 0, 0 not being deleted

Jul 26 12:47:50.096: AUTH-EVENT: [Gi1/0/6] No authorized client found in domain [DATA]

Jul 26 12:47:50.096: AUTH-EVENT: [Gi1/0/6] Domain authorized client count: 0

Jul 26 12:47:50.096: AUTH-EVENT: [Gi1/0/6] No authorized client found in domain [VOICE]

Jul 26 12:47:50.096: AUTH-EVENT: [Gi1/0/6] Domain authorized client count: 0

Jul 26 12:47:50.096: AUTH-EVENT: [Gi1/0/6] No authorized ctx found

Jul 26 12:47:50.096: AUTH-EVENT: [2cd4.448f.a153, Gi1/0/6] Freeing AAA-ID 0x00000010 for 2cd4.448f.a153

Jul 26 12:47:50.096: AUTH-EVENT: [2cd4.448f.a153, Gi1/0/6] Removed policy (tgt 0x5F0000F4) from session (hdl 0x21000005)

Jul 26 12:47:50.096: AUTH-EVENT: [2cd4.448f.a153, Gi1/0/6] Unblock events for 2cd4.448f.a153.

Jul 26 12:47:50.096: AUTH-EVENT: [ef43.21cd.001c, Gi1/0/6] Freed Auth Manager context 0x21000005

Jul 26 12:47:50.096: AUTH-EVENT: [ef43.21cd.001c, Gi1/0/6] Signalling "post" delete for client in domain UNKNOWN

Jul 26 12:47:50.096: AUTH-EVENT: [Gi1/0/6] Link DOWN

Jul 26 12:47:50.096: AUTH-EVENT: [Gi1/0/6] Deleting clients - Link DOWN

Jul 26 12:47:50.096: AUTH-EVENT: [Gi1/0/6] free all contexts

Jul 26 12:47:50.976: AUTH-EVENT: Stopped Auth Manager tick timer

Jul 26 12:47:51.092: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/0/6, changed state to down

Jul 26 12:47:52.091: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/6, changed state to down

Jul 26 12:47:55.968: AUTH-EVENT: [Gi1/0/6] Link UP

Jul 26 12:47:55.971: AUTH-EVENT: [Gi1/0/6] No authorized client found in domain [DATA]

Jul 26 12:47:55.971: AUTH-EVENT: [Gi1/0/6] Domain authorized client count: 0

Jul 26 12:47:55.971: AUTH-EVENT: [Gi1/0/6] No authorized client found in domain [DATA]

Jul 26 12:47:55.971: AUTH-EVENT: [Gi1/0/6] Domain authorized client count: 0

Jul 26 12:47:55.971: AUTH-EVENT: [Gi1/0/6] Link UP

Jul 26 12:47:55.971: AUTH-EVENT: [Gi1/0/6] Link already UP - ignoring

Jul 26 12:47:56.509: AUTH-EVENT: [2cd4.448f.a153, Gi1/0/6] New LL MAC: 2cd4.448f.a153 and UNKNOWN


-- Venkatesan K

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents