i've implemeted dot1x several times and never have i seen this error before:
00:43:02: RADIUS: Received from id 47 188.8.131.52:1645, Access-Challenge, len 102
00:43:02: Attribute 79 32 015E001E
00:43:02: Attribute 24 32 43495343
00:43:02: Attribute 80 18 3656676C
00:43:02: RADIUS: EAP-login: length of eap packet = 30
00:43:02: RADIUS: EAP-login: got challenge from radius
00:43:02: dot1x-err:Unexpected response received on FastEthernet0/11: may be a retransmit
that's basically my question, what does de dot1x error mean. i have not been able to find it anywhere.
this thing is really weird since the auth process works just fine the first time around. when it comes time to reauthenticate it stops working. it's also weird that when we open a telnet session into the switch, we see all required attributes being sent by acs. when we reauthenticate dot1x, we don't.
here's some more captures. i'm going to look into a bug, but anybody's seen this before i'd appreciate some advice.
00:42:53: %SYS-5-CONFIG_I: Configured from console by cisco on vty0 (172.16.51.20)
00:43:02: RADIUS: ustruct sharecount=1
00:43:02: RADIUS: EAP-login: NAS Port = 00-0b-db-0a-75-3c RemAddr =000b.db0a.753c
This document gives several answers on frequently asked questions for PFRv3 channel state behavior.
Q1: What are all the channel operational states from a BR (border role) perspective and what are the rules/conditions to be in each st...
The need was to reach an host inside a LAN through a VPN connection managed by the LAN gateway (Cisco 1921).
The LAN gateway performs NAT and there was a dedicate nat rule for the host i wanted to reach through VPN.
I couldn't connect to the hos...