Tuesday, March 23, 2021

Cisco switch Radius behaviour

Hello,

I have a weird problem with my current Radius setup in the company.

Some info first:

VLAN assignment happens on the radius server.
Policies for dot1x and MAB for devices that are not able to do dot1x
Switch port:

 desc Radius Port
 switchport mode access
 switchport voice vlan 5
 switchport port-security maximum 2
 switchport port-security maximum 1 vlan access
 switchport port-security maximum 1 vlan voice
 switchport port-security
 access-session host-mode multi-domain
 access-session closed
 access-session port-control auto
 mab
 dot1x pae authenticator
 dot1x timeout tx-period 10
 auto qos trust dscp
 spanning-tree portfast
 spanning-tree bpduguard enable
 service-policy type control subscriber DOT1X2MAB
 service-policy input AutoQos-4.0-Trust-Dscp-Input-Policy
 service-policy output AutoQos-4.0-Output-Policy

The problem I have is that non-domain notebooks won't connect to a different switch port when a phone, printer or domain notebook was connected before. The link never goes up. I need to cycle the port and then it works. The port doesn't go into violation or shut, and there are no logs saying that something has failed. Also, we have an intercom system that does MAB, but apparently it loses connection sometimes and I need to cycle the port to make it reachable again.

Why does it behave like this?


