Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

How do I debug Smartport Macros

I'm trying to get my 2960s to detect the connection of an Access Point and then switch the port from a 802.1.X authenticated port to a trunk.

I have this working to the point where after MAB auth my ISE will specify the Macro to run to reconfigure the port.

The port re-configuration is not happening but the Macro executes … meaning I have an error in my macro.

I cannot see debug information anywhere to trace the execution of the macro.

 

Docs say in the interface to  issue the command " macro trace CISCO_AP_AUTO_SMARTPORT"

I get the error "% Macro 'CISCO_AP_AUTO_SMARTPORT' does not exist. "

(where CISCO_AP_AUTO_SMARTPORT is a Macro I overwrote to my own purposes )

 

the port is configured thus :

description Woring on GOLD .x port config here
 switchport access vlan 13
 switchport trunk allowed vlan 1-16
 switchport mode access
 switchport voice vlan 9
 ip access-group ACL-ALLOW in
 no logging event link-status
 load-interval 30
 authentication event fail action next-method
 authentication event server dead action authorize vlan 2
 authentication event server dead action authorize voice
 authentication event server alive action reinitialize 
 authentication host-mode multi-auth
 authentication order dot1x mab webauth
 authentication priority dot1x mab webauth
 authentication port-control auto
 authentication periodic
 authentication timer reauthenticate server
 authentication violation restrict
 mab      
 no snmp trap link-status
 macro description CISCO_AP_AUTO_SMARTPORT
 dot1x pae authenticator
 dot1x timeout tx-period 3
 spanning-tree portfast
end

 

and the macro being applied it this:

macro auto execute CISCO_AP_AUTO_SMARTPORT  {
 if [[ $LINKUP == YES ]]
  then conf t
  interface  $INTERFACE
  macro description $TRIGGER
  switchport mode trunk
  auto qos voip trust
  mls qos trust cos
  if [[ $LIMIT == 0 ]]
   then default srr-queue bandwidth limit
   else srr-queue bandwidth limit $LIMIT
  fi
  if [[ $SW_POE == YES ]]
   then if [[ $AP125X == AP125X ]]
    then macro description AP125X
    macro auto port sticky
    power inline port maximum 20000
   fi
  fi
  exit
  end
 fi
 if [[ $LINKUP == NO ]]
  then conf t
  interface  $INTERFACE
  default srr-queue bandwidth limit
  switchport access vlan 13
  switchport mode access
  switchport voice vlan 9
  ip access-group ACL-ALLOW in
  no logging event link-status
  load-interval 30
  authentication event fail action next-method
  authentication event server dead action authorize vlan 2
  authentication event server dead action authorize voice
  authentication event server alive action reinitialize 
  authentication host-mode multi-auth
  authentication order dot1x mab webauth
  authentication priority dot1x mab webauth
  authentication port-control auto
  authentication periodic
  authentication timer reauthenticate server
  authentication violation restrict
  mab
  no snmp trap link-status
  dot1x pae authenticator
  dot1x timeout tx-period 3
  spanning-tree portfas
  if [[ $AUTH_ENABLED == NO ]]
   then no switchport mode
   no switchport trunk encapsulation
  fi      
  if [[ $STICKY == YES ]]
   then if [[ $SW_POE == YES ]]
    then if [[ $AP125X == AP125X ]]
     then no macro auto port sticky
     no power inline port maximum
    fi    
   fi     
  fi      
  exit    
  end     
 fi       

 

-KK-

 

134
Views
0
Helpful
0
Replies