dot1x issue on Cisco 3850

donnie
Level 1

Hi all,

I have implemented NAC in my environment using Aruba ClearPass.

Below are the issues I encountered.

1) When I connect my PC to the network, I would get an IP address and get verified by NAC.

2) If I were to disconnect the PC from the network and connect it back again, it would show "media disconnected".

3) But if I were to disconnect the PC and connect it back to the network on my 2nd try, I would get an IP address and get verified by NAC.

Hence, why do I need a 2nd try before my PC could be detected by the network?

Why was it "media disconnected" on my 1st try?

Could it be some misconfiguration on the switch?

Below is my switch config. Pls advise. TIA!

 

Switch config
=============
aaa new-model
!
!
aaa group server radius test1
 server name test-SUB
 server name test
!
aaa authentication dot1x default group test1
aaa authorization network default group test1
aaa accounting dot1x default start-stop group test1
!
dot1x system-auth-control
dot1x critical eapol
ip radius source-interface Vlan1
!
radius server test
 address ipv4 1.2.3.3 auth-port 1812 acct-port 1813
 key test
 timeout 2
 retransmit 1
!
radius server test-SUB
 address ipv4 1.2.3.4 auth-port 1812 acct-port 1813
 key test
 timeout 2
 retransmit 1
!
radius-server deadtime 5
radius-server dead criteria time 10 tries 2

Switchport config
=============
authentication control-direction in
authentication host-mode multi-auth
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
no authentication periodic
switchport access vlan 10
mab
dot1x pae authenticator
dot1x timeout tx-period 8
dot1x timeout supp-timeout 2
dot1x max-req 1
switchport host
spanning-tree bpduguard enable
 
 