I am runing 802.1x and MAB authentication of devices connected to a 3560 switch (in test). When I run 'terminal monitor' I am getting alot of authentication fail-msg. Is it possible to get the switch not to show them? I have to do some debugging on SNMP and DHCP to be able to figure out why I get these msg, but since the switch is blasting out so many auth-msg it is hard to see the debug messages.
These are the current Monitor settings
sh logging | inc Monitor
Monitor logging: level debugging, 2554 messages logged, xml disabled,
These are some of the messages that are shown:
%DOT1X-5-FAIL: Authentication failed for client...
%AUTHMGR-7-RESULT: Authentication result 'no-response' from 'mab' for client....
%MAB-5-FAIL: Authentication failed for client...
and so on.
I am using SSH to log in to the switch.
Philip, you are probably better off turning off the terminal monitor command as this will direct all information to the vty session. I would suggest the temporary addition of a syslog server in the switch config (this can be your workstation running a syslog server application). This will record all the syslog messages which you can view/edit after the testing.
Hope this helps.
Yes that is an option. But is there a way to turn off authentication messages? I am guessing that the syslogserver will be flooded with this messages too.
There are a few Cisco devices, such as the ASA, that allow you to suppress specific log messages. But I am not aware that it is possible on the 3560 switches.
I would suggest something slightly different from Andy's suggestion of using a syslog server (though I believe that in general using syslog server is a good thing). I would suggest setting a fairly large buffer for logging buffered on the switch, setting logging level for buffered to debug (which is the default), do your testing, and then use show log commands to see the log messages. This would allow you to see what you need without being overwhelmed by the volume of authentication messages.