Passer au contenu principal
Commencer une nouvelle conversation

Non résolu

Ce message a plus de 5 ans

segula92000

1  message(s)

1450

22 mars 2017 04:00

problème perte authentification 802.1x

​Bonjour,​

​Nous rencontrons un problème sur le 802.1x sur un basculement d'un utilisateur sur un vlan de production à un vlan guest.​

​L’utilisateur bensafi est bien connecté sur le vlan de production au départ, au bout d'une heure cet utilisateur passe sur le vlan guest sans action de notre part.​

​L'utilisateur est obligé de débrancher et de rebrancher son cable réseau pour se ré authentifier.​

​=> pas de log particulier sur le serveur radius​

​voici les logs sur le switch :​

​ST-1B.183#show dot1x users​

​ Port Username​

​--------- ----------------------------------------------------------------​

​Gi1/0/2 TRINH​

​Gi1/0/2​

​Gi2/0/3 KERLANN​

​Gi2/0/3​

​Gi3/0/1 BOUGEARD​

​Gi3/0/1​

​Gi3/0/7 BENSAFI​

​Gi3/0/11 BOURDIOL​

​Gi3/0/11​

​ ​

​ST-1B.183#show log​

​ Logging is enabled​

​Logging protocol version: 0​

​Source Interface............................... Default​

​Console Logging: Level warnings. Messages : 154 logged, 49175 ignored​

​Monitor Logging: disabled​

​Buffer Logging: Level informational. Messages : 2878 logged, 41627 ignored​

​File Logging: Level emergencies. Messages : 0 logged, 49329 ignored​

​Switch Auditing : enabled​

​CLI Command Logging: disabled​

​Web Session Logging : disabled​

​SNMP Set Command Logging : disabled​

​Logging facility level : local7​

​0 Messages dropped due to lack of resources​

​Buffer Log:​

​<190> Mar 22 10:07:57 ST-1B.183-3 CLI_WEB[emWeb]: cmd_logger_api.c(260) 49329 %% [CLI:admin:172.29.1.91] User admin logged in to enable mode.​

​<189> Mar 22 10:07:55 ST-1B.183-3 TRAPMGR[trapTask]: traputil.c(721) 49328 %% Session 1 of type 3 started for user admin connected from 172.29.1.91.​

​<190> Mar 22 10:07:55 ST-1B.183-3 CLI_WEB[emWeb]: cmd_logger_api.c(260) 49327 %% [CLI:admin:172.29.1.91] User has succesfully logged in​

​<189> Mar 22 10:07:55 ST-1B.183-3 TRAPMGR[emWeb]: traputil.c(763) 49326 %% Multiple Users: CPU​

​<189> Mar 22 10:07:52 ST-1B.183-3 TRAPMGR[tRpcsrv.01000]: traputil.c(763) 49325 %% Failed User Login with User ID: admin​

​<190> Mar 22 10:07:52 ST-1B.183-3 USER_MGR[tRpcsrv.01000]: user_mgr.c(1813) 49324 %% User admin Failed to login because of authentication failures​

​<189> Mar 22 10:07:45 ST-1B.183-3 TRAPMGR[trapTask]: traputil.c(721) 49323 %% Gi3/0/7 is transitioned from the Learning state to the Forwarding state in instance 0​

​<189> Mar 22 10:07:45 ST-1B.183-3 TRAPMGR[trapTask]: traputil.c(721) 49322 %% Gi3/0/7 is transitioned from the Forwarding state to the Blocking state in instance 0​

​<189> Mar 22 10:07:45 ST-1B.183-3 DOT1X[dot1xTask]: dot1x_radius.c(966) 49321 %% Dot1x authenticated successfully​

​<189> Mar 22 10:07:45 ST-1B.183-3 TRAPMGR[trapTask]: traputil.c(721) 49320 %% Gi3/0/7 status is authorized​

​<190> Mar 22 10:07:45 ST-1B.183-3 RADIUS[radius_task]: radius.c(1672) 49319 %% RADIUS: MS attribute type =26​

​<190> Mar 22 10:07:45 ST-1B.183-3 RADIUS[radius_task]: radius.c(1672) 49318 %% RADIUS: MS attribute type =10​

​<190> Mar 22 10:07:45 ST-1B.183-3 RADIUS[radius_task]: radius.c(1672) 49317 %% RADIUS: MS attribute type =57​

​<190> Mar 22 10:07:45 ST-1B.183-3 RADIUS[radius_task]: radius.c(1672) 49316 %% RADIUS: MS attribute type =45​

​<190> Mar 22 10:07:45 ST-1B.183-3 RADIUS[radius_task]: radius.c(1672) 49315 %% RADIUS: MS attribute type =15​

​<190> Mar 22 10:07:45 ST-1B.183-3 RADIUS[radius_task]: radius.c(1672) 49314 %% RADIUS: MS attribute type =14​

​<190> Mar 22 10:07:45 ST-1B.183-3 RADIUS[radius_task]: radius.c(1672) 49313 %% RADIUS: MS attribute type =54​

​<189> Mar 22 10:07:45 ST-1B.183-3 TRAPMGR[trapTask]: traputil.c(721) 49304 %% Gi3/0/7 status is Unauthorized​

​<189> Mar 22 10:07:45 ST-1B.183-3 TRAPMGR[trapTask]: traputil.c(721) 49303 %% Link Up: Gi3/0/7​

​<189> Mar 22 10:07:40 ST-1B.183-3 TRAPMGR[trapTask]: traputil.c(721) 49300 %% Gi3/0/7 is transitioned from the Forwarding state to the Blocking state in instance 0​

​<189> Mar 22 10:07:40 ST-1B.183-3 TRAPMGR[trapTask]: traputil.c(721) 49299 %% Link on Gi3/0/7 is failed​

​<189> Mar 22 10:07:40 ST-1B.183-3 TRAPMGR[trapTask]: traputil.c(721) 49298 %% Link Down: Gi3/0/7​

​<189> Mar 22 10:07:40 ST-1B.183-3 TRAPMGR[trapTask]: traputil.c(721) 49297 %% Gi3/0/7 status is Unauthorized​

​<189> Mar 22 10:06:49 ST-1B.183-3 TRAPMGR[trapTask]: traputil.c(721) 49295 %% Gi3/0/7 is transitioned from the Learning state to the Forwarding state in instance 0​

​<189> Mar 22 10:06:49 ST-1B.183-3 TRAPMGR[trapTask]: traputil.c(721) 49294 %% Gi3/0/7 is transitioned from the Forwarding state to the Blocking state in instance 0​

​<189> Mar 22 10:06:49 ST-1B.183-3 TRAPMGR[trapTask]: traputil.c(721) 49293 %% Gi3/0/7 status is authorized​

​<189> Mar 22 10:06:49 ST-1B.183-3 DOT1X[dot1xTask]: dot1x_control.c(4083) 49292 %% Supplicant MAC address [a0:1d:48:b0: c:20] on logical interface [ifName not found(7296)] gets authenticated on guest mode VLAN ID 55 due to guest VLAN timer expiry.​

​ ​

​<189> Mar 22 10:06:20 ST-1B.183-3 TRAPMGR[trapTask]: traputil.c(721) 49291 %% Gi3/0/7 status is Unauthorized​

​<189> Mar 22 10:06:19 ST-1B.183-3 TRAPMGR[trapTask]: traputil.c(721) 49290 %% Gi3/0/7 is transitioned from the Forwarding state to the Blocking state in instance 0​

​<189> Mar 22 10:06:19 ST-1B.183-3 TRAPMGR[trapTask]: traputil.c(721) 49289 %% Gi3/0/7 status is Unauthorized​

​<189> Mar 22 10:05:56 ST-1B.183-3 DOT1X[dot1xTask]: dot1x_radius.c(966) 49288 %% Dot1x authenticated successfully​

​<190> Mar 22 10:05:56 ST-1B.183-3 RADIUS[radius_task]: radius.c(1672) 49287 %% RADIUS: MS attribute type =26​

​<190> Mar 22 10:05:56 ST-1B.183-3 RADIUS[radius_task]: radius.c(1672) 49286 %% RADIUS: MS attribute type =10​

​<190> Mar 22 10:05:56 ST-1B.183-3 RADIUS[radius_task]: radius.c(1672) 49285 %% RADIUS: MS attribute type =57​

​<190> Mar 22 10:05:56 ST-1B.183-3 RADIUS[radius_task]: radius.c(1672) 49284 %% RADIUS: MS attribute type =45​

​<190> Mar 22 10:05:56 ST-1B.183-3 RADIUS[radius_task]: radius.c(1672) 49283 %% RADIUS: MS attribute type =15​

​<190> Mar 22 10:05:56 ST-1B.183-3 RADIUS[radius_task]: radius.c(1672) 49282 %% RADIUS: MS attribute type =14​

​<190> Mar 22 10:05:56 ST-1B.183-3 RADIUS[radius_task]: radius.c(1672) 49281 %% RADIUS: MS attribute type =54​

​(…)​

​ST-1B.183#show running-config interface gi3/0/7​

​ ​

​storm-control broadcast​

​switchport voice detect auto​

​ip dhcp snooping limit rate 50​

​description "VOIP-PC"​

​spanning-tree portfast​

​switchport mode trunk​

​switchport trunk native vlan 2​

​switchport trunk allowed vlan 2,55,72,666​

​dot1x port-control mac-based​

​dot1x reauthentication​

​dot1x timeout supp-timeout 10​

​dot1x timeout guest-vlan-period 30​

​dot1x timeout server-timeout 20​

​dot1x max-req 3​

​dot1x guest-vlan 55​

​dot1x unauth-vlan 55​

​authentication order dot1x mab​

​authentication priority dot1x mab​

​lldp transmit-tlv sys-desc sys-cap​

​lldp transmit-mgmt​

​lldp notification​

​lldp med confignotification​

​voice vlan 72​

​voice vlan auth disable​

Dell-Stephane T

4 Operator

 • 

3.7K  messages

23 mars 2017 03:00

Bonjour,

pourriez vous me communiquer via message privé, le service tag de votre switch?

Cordialement,
Stéphane

Voir plus

Tout afficher

Aucun événement trouvé !

Top