Hi all,
We have big problems with 2 swithces that have been set up for mixed (mac-based and 802.x) authentication. PC's suddenly refuse to work on one port and the only way we have found that solves this is to plug it in a different port on the same switch. These ports do not have different configurations so it is a really odd problem.
1 PC stays on identifying. (PC does not even get an unauth IP adress.)
PC was connected to D16 log showed this: (Reverse logging)
I 01/16/14 09:24:23 00435 ports: port D16 is Blocked by AAA
I 01/16/14 09:24:16 00077 ports: port D16 is now off-line
Connected the same PC to D18, no other changes and it works:
I 01/16/14 09:25:45 00076 ports: port D18 is now on-line
I 01/16/14 09:25:43 00435 ports: port D18 is Blocked by STP
I 01/16/14 09:25:43 00435 ports: port D18 is Blocked by AAA
I 01/16/14 09:25:43 00435 ports: port D18 is Blocked by STP
I 01/16/14 09:25:43 00435 ports: port D18 is Blocked by AAA
I 01/16/14 09:25:40 00077 ports: port D16 is now off-line
No configuration differences between the ports:
interface D16
tagged vlan 126
untagged vlan 1
aaa port-access authenticator
aaa port-access authenticator client-limit 8
aaa port-access mac-based
aaa port-access mac-based addr-limit 8
aaa port-access mac-based reauth-period 10800
aaa port-access mac-based unauth-vid 119
loop-protect
exit
interface D18
tagged vlan 126
untagged vlan 1
aaa port-access authenticator
aaa port-access authenticator client-limit 8
aaa port-access mac-based
aaa port-access mac-based addr-limit 8
aaa port-access mac-based reauth-period 10800
aaa port-access mac-based unauth-vid 119
loop-protect
exit