Powerconnect 802.1x mac-based problem

Question

Hi,    I am currently installing a PC 6248 (2.2.0.3) and trying to use 802.1x as a authentication method (with machine credentials) using an IAS Server. The authentication works perfectly using 'auto' mode configured in the port, but when you use mac-based, it seems that the packets do not get to the IAS... I got the following message in the switch when the equipment starts the authentication...   dell-sw44#show dot1x ethernet 1/g16 Administrative Mode............... Enabled Port     Admin               Oper          Reauth      Reauth              Mode                Mode          Control     Period     -------  ------------------  ------------  --------  ----------   1/g16    mac-based           Unauthorized  FALSE     3600         Quiet Period................................... 60 Transmit Period................................ 30 Maximum Requests............................... 2 Max Users...................................... 16 Supplicant Timeout............................. 30 Server Timeout (secs).......................... 30 Logical    Supplicant        AuthPAE         Backend      VLAN  Username   Filter    Port      MAC-Address       State           State         Id              Id       -------  -----------------  ------------    -----------   ----- --------  --------    240   00A0.D120.9F8E     Authenticating    Request      442  host/olite.net-adp.local     but there is no message in the IAS Server logs, and once the timeout comes, the port goes to Unauthorized state.  Here it is the port configuration: interface ethernet 1/g16 dot1x port-control mac-based description 'PRUEBAS_802_1X_MAC_BASED' switchport mode general switchport general pvid 442 no switchport general acceptable-frame-type tagged-only exit   I have tested almost everything, changing the pvid, using tagges-only frames, even disable the spannig-tree protocol but we are still in the same situation.   Does anyone have a clue about what is going on here?   Thanks a lot in advance Cheers Fernando

fjuniway · Answer

Hi,  No one has any clue about this?.... no one has experimented problems with 802.1x mac-based access?....   Not even from DELL...   Please, help me.   Thanks a lot.

anberry · Answer

In the 2.2.0.3 release, you must add the "dot1x max-req 3" to the port and the max request must be 3 or greater since this image assumes more than 1 PC is connected. However, this has been fixed in the 3.2.0.7 code so that this setting is not necessary.

Networking General

Was this post helpful?