05-23-2007 01:50 PM - edited 03-10-2019 03:10 PM
Hello,
I encountered the following: after successful 802.1x authentication, the "passed authentication" log on ACS is filling with "authen OK" logs from the same user - every 2 minutes one new entry. The reauthentication on the switch is for sure turned off. Every two minutes on user's WinXP station there is baloon info that network is now connected, and there is a break in pings (about 2-4 seconds). What is causing this, and how can it be removed? Switch 6500, Catos 8.5.8, ACS 4.1.3, WinXp are using machine authentication.
05-25-2007 07:50 AM
I am having a similar issue. The access switch is a 3560 running 12.2(25)SED1 going against ACS 4.1. Reauthentication is disabled in the port configuration and the workstations are configured with the AuthMode=2 and SupplicantMode=3 DWord registry settings.
Unlike your scenario, I only see one (the first) success entry in ACS until right at 14 hours later, when I start seeing one every 30 seconds or so. At that point, I see the same scenario you mention above with the client baloon message as well every 30 seconds. If someone else does not provide an answer or insight, perhaps we can collaborate and solve this issue ourselves.
-Jimmy
05-26-2007 03:47 PM
Hi,
As in your case you are getting re-authentication again and again, though its turned off, then debugs would help in finding the actual cause,
set trace radius 4 (turns debugging on)
set trace dot1x 4 (turns debugging on)
set trace mon enable (turns trace monitoring on)
set trace dot1x 0 (turns debugging off)
set trace radius 0 (turns debugging off)
Regards,
Prem
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide