Switch blocking user port using 802.1x
Posted: 28 Aug 2016 22:48
Hi, All
We have a switch 6860E, users are using mac address authentication to the clearpass.
Everything was working fine and suddenly user ports status is block.
User block:
Port Username Mac address IP Vlan Profile Type Status Source
------+--------------------+-----------------+---------------+----+--------------------------------+------------+-----------+-----------
1/1/7 xx:xx:xx:xx:xx:xx xx:xx:xx:xx:xx:xx - 1 - Edge Block Local
User working fine:
Port Username Mac address IP Vlan Profile Type Status Source
------+--------------------+-----------------+---------------+----+--------------------------------+------------+-----------+-----------
1/1/6 xxxxxx xx:xx:xx:xx:xx:xx 10.1.1.1 129 User_Vlan Edge Active Local
When user connect to the port, no logs seen in the clearpass access tracker but I send the aaa test-radius to clearpass and log is seen.
Even only 1 user is connected, also transferred to different port still the same. Bounced the port and reboot the endpoint/laptop.
TO fix the issue we simply reboot the switch and users can now connect.
Is there anyone who might have encountered the same issue? Maybe its a bug but not sure.
Please share your thoughts.
thanks!
We have a switch 6860E, users are using mac address authentication to the clearpass.
Everything was working fine and suddenly user ports status is block.
User block:
Port Username Mac address IP Vlan Profile Type Status Source
------+--------------------+-----------------+---------------+----+--------------------------------+------------+-----------+-----------
1/1/7 xx:xx:xx:xx:xx:xx xx:xx:xx:xx:xx:xx - 1 - Edge Block Local
User working fine:
Port Username Mac address IP Vlan Profile Type Status Source
------+--------------------+-----------------+---------------+----+--------------------------------+------------+-----------+-----------
1/1/6 xxxxxx xx:xx:xx:xx:xx:xx 10.1.1.1 129 User_Vlan Edge Active Local
When user connect to the port, no logs seen in the clearpass access tracker but I send the aaa test-radius to clearpass and log is seen.
Even only 1 user is connected, also transferred to different port still the same. Bounced the port and reboot the endpoint/laptop.
TO fix the issue we simply reboot the switch and users can now connect.
Is there anyone who might have encountered the same issue? Maybe its a bug but not sure.
Please share your thoughts.
thanks!