How did you get to that debug file, or run that debug program? I was only able to get the debug files from the support bundle page and didn't find where the OpenSSL debugs were in any of the extractions.
... View more
I am currently trying to use LMS 3.2 Compliance management to verify and alter our access port configurations for 802.1x. Below is our current configuration: switchport access vlan XX switchport mode access authentication control-direction in authentication event fail retry 0 action authorize vlan XXX authentication event no-response action authorize vlan XXX authentication port-control auto authentication periodic dot1x pae authenticator dot1x timeout quiet-period 10 dot1x timeout tx-period 10 dot1x timeout supp-timeout 10 dot1x max-req 1 dot1x max-reauth-req 1 storm-control broadcast level 75.00 spanning-tree portfast spanning-tree bpduguard enable I require the configurations to be changed to: switchport access vlan XX switchport mode access authentication event fail action authorize vlan XXX authentication event no-response action authorize vlan XXX authentication port-control auto authentication periodic dot1x pae authenticator dot1x timeout tx-period 8 storm-control broadcast level 10.00 storm-control multicast level 10.00 spanning-tree portfast spanning-tree bpduguard enable Addtionally, I require LMS to verify that the port is indeed an access port with 802.1x already applied to it before adjusting the configurations. I have tried pushing this compliance check out with a prerequisite of having "switchport mode access" applied to it, and then having the next command set state: Submode: interface [#Ethernet*/*/*#] - dot1x max-req 1 - dot1x max-reauth-req 1 + no dot1x max-req 1 + no dot1x max-reauth-req 1 This was a simple test on a single device to see if I could remove the limits on authentication and requests entered. The job states successful and there are no devices that are non-compliant, however no changes to the device configurations have been made. I seek assistance in command syntax or if there is another way to push this out, as I have about 1k network devices to go through and make these changes.
... View more