Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

dot1x will not re-auth when user logs on/off

I have setup a Cisco/IAS/XPSP1 lab so that users are assigned to different VLAN's depening on when Domain groups they are in.

I can get XP machines to authenticate and they are placed in the appropriate VLAN, but when a user logs on the re-authentication does not happen autopmatically. I have to use a 'dot1x re-authenticate interface f0/8' to assign the new VLAN.

Has anyone seen this before?

After user logs on:

Jan 13 16:18:06.870 WST: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down

Jan 13 16:18:07.470 WST: dot1x-registry:dot1x_port_linkchange invoked on interface FastEthernet0/2

Jan 13 16:18:07.474 WST: dot1x-registry:** dot1x_vp_statechange:

Jan 13 16:18:07.474 WST: dot1x-registry:dot1x_port_modechange invoked on interface FastEthernet0/2

Jan 13 16:18:08.874 WST: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up

Jan 13 16:18:36.439 WST: dot1x-sm:Fa0/8:0000.0000.0000:dot1x_process_txWhen_expire called

Jan 13 16:18:36.439 WST: dot1x_auth Fa0/8: during state auth_connecting, got event 18(txWhen_expire)

Jan 13 16:18:36.439 WST: @@@ dot1x_auth Fa0/8: auth_connecting -> auth_connecting

Jan 13 16:18:36.439 WST: dot1x-sm:Fa0/8:0000.0000.0000:auth_connecting_connecting_action called

Jan 13 16:18:36.439 WST: dot1x-ev:dot1x_post_message_to_auth_sm: Skipping tx for req_id for default supplicant

Jan 13 16:18:37.207 WST: dot1x-registry:** dot1x_vp_statechange:

Jan 13 16:18:37.207 WST: dot1x-registry:dot1x_port_modechange invoked on interface FastEthernet0/2

Jan 13 16:18:37.211 WST: dot1x-registry:dot1x_port_linkchange invoked on interface FastEthernet0/2

Jan 13 16:18:37.211 WST: dot1x-ev:dot1x_port_cleanup_author: cleanup author on interface FastEthernet0/2

Jan 13 16:18:37.211 WST: dot1x-ev:dot1x_post_message_to_auth_sm: cleanup author from interface FastEthernet0/2

Jan 13 16:18:38.207 WST: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down

Jan 13 16:18:38.847 WST: dot1x-registry:dot1x_port_linkchange invoked on interface FastEthernet0/2

Jan 13 16:18:38.851 WST: dot1x-registry:** dot1x_vp_statechange:

Jan 13 16:18:38.851 WST: dot1x-registry:dot1x_port_modechange invoked on interface FastEthernet0/2

Jan 13 16:18:40.211 WST: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up

Jan 13 16:19:06.440 WST: dot1x-sm:Fa0/8:0000.0000.0000:dot1x_process_txWhen_expire called

Jan 13 16:19:06.440 WST: dot1x_auth Fa0/8: during state auth_connecting, got event 18(txWhen_expire)

Jan 13 16:19:06.440 WST: @@@ dot1x_auth Fa0/8: auth_connecting -> auth_connecting

Jan 13 16:19:06.440 WST: dot1x-sm:Fa0/8:0000.0000.0000:auth_connecting_connecting_action called

Jan 13 16:19:06.440 WST: dot1x-ev:dot1x_post_message_to_auth_sm: Skipping tx for req_id for default supplicant

Jan 13 16:19:36.441 WST: dot1x-sm:Fa0/8:0000.0000.0000:dot1x_process_txWhen_expire called

Jan 13 16:19:36.441 WST: dot1x_auth Fa0/8: during state auth_connecting, got event 18(txWhen_expire)

Jan 13 16:19:36.441 WST: @@@ dot1x_auth Fa0/8: auth_connecting -> auth_connecting

Jan 13 16:19:36.441 WST: dot1x-sm:Fa0/8:0000.0000.0000:auth_connecting_connecting_action called

Jan 13 16:19:36.441 WST: dot1x-sm:dot1x_auth_connecting_action:0000.0000.0000 reauth_count=3 exceeded DOT1X_DEFAULT_REAUTH_MAX

Jan 13 16:19:36.441 WST: dot1x-ev:dot1x_post_message_to_auth_sm: Skipping tx for req_id for default supplicant

2 REPLIES
New Member

Re: dot1x will not re-auth when user logs on/off

check in registry under local machine, software, microsoft, eapol, parameters, general, global. there needs to be added a dword called SupplicantMode and its value needs to be 3. you should also make sure you have hotfix 826942 loaded to fix a couple of dhcp errors, its a different hotfix for window 2000

New Member

Re: dot1x will not re-auth when user logs on/off

Brilliant! This was our last hurdle. Thanks for your help.

254
Views
0
Helpful
2
Replies
CreatePlease to create content