Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

fjuniway

2 Posts

10325

May 11th, 2010 10:00

Powerconnect 802.1x mac-based problem

Hi, 

 

I am currently installing a PC 6248 (2.2.0.3) and trying to use 802.1x as a authentication method (with machine credentials) using an IAS Server.

The authentication works perfectly using "auto" mode configured in the port, but when you use mac-based, it seems that the packets do not get to the IAS... I got the following

message in the switch when the equipment starts the authentication...

 

dell-sw44#show dot1x ethernet 1/g16

Administrative Mode............... Enabled

Port     Admin               Oper          Reauth      Reauth    

         Mode                Mode          Control     Period    

-------  ------------------  ------------  --------  ----------  

1/g16    mac-based           Unauthorized  FALSE     3600        

Quiet Period................................... 60

Transmit Period................................ 30

Maximum Requests............................... 2

Max Users...................................... 16

Supplicant Timeout............................. 30

Server Timeout (secs).......................... 30

Logical    Supplicant        AuthPAE         Backend      VLAN  Username   Filter  

 Port      MAC-Address       State           State         Id              Id      

-------  -----------------  ------------    -----------   ----- --------  --------

   240   00A0.D120.9F8E     Authenticating    Request      442  host/olite.net-adp.local  

 

but there is no message in the IAS Server logs, and once the timeout comes, the port goes to Unauthorized state. 

Here it is the port configuration:

interface ethernet 1/g16

dot1x port-control mac-based

description 'PRUEBAS_802_1X_MAC_BASED'

switchport mode general

switchport general pvid 442

no switchport general acceptable-frame-type tagged-only

exit

 

I have tested almost everything, changing the pvid, using tagges-only frames, even disable the spannig-tree protocol but we are still in the same situation.

 

Does anyone have a clue about what is going on here?

 

Thanks a lot in advance

Cheers

Fernando

fjuniway

2 Posts

May 19th, 2010 04:00

Hi, 

No one has any clue about this?.... no one has experimented problems with 802.1x mac-based access?....

 

Not even from DELL...

 

Please, help me.

 

Thanks a lot.

anberry

7 Posts

May 24th, 2010 08:00

In the 2.2.0.3 release, you must add the "dot1x max-req 3" to the port and the max request must be 3 or greater since this image assumes more than 1 PC is connected. However, this has been fixed in the 3.2.0.7 code so that this setting is not necessary.

 

Was this post helpful?

View All

0 events found

No Events found!

Top