My organization has multiple 4500 series switches experiencing the same problem when attempting to authenticate devices via MAB. The issue is that the "show mab interface fax/x details" shows the Client MAC in a waiting status. The device is never sending the switch it's MAC in order to proceed with MAB authentication, so of course the port never forwards traffic. However, if we remove authentication port-control auto the port starts forwarding and the device gains connectivity. Below is the interface configuration command and the MAB details. The IOS version of this current switch is 15.0(2)SG8. Are we missing something special for a 4500 as far as configuration is concerned.
interface FastEthernet8/16 description USER switchport access vlan 600 switchport mode access switchport nonegotiate duplex full authentication host-mode multi-domain authentication port-control auto authentication periodic mab dot1x pae authenticator dot1x timeout tx-period 5 end
SWITCH-4510R#sh mab interface fa8/16 details MAB details for FastEthernet8/16 ------------------------------------- Mac-Auth-Bypass = Enabled
MAB Client List --------------- Client MAC = Waiting Session ID = 841AF6D100002931AF99B827 MAB SM state = ACQUIRING Auth Status = UNAUTHORIZED
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...