Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

EAPoUDP failed to get a response from host

Hi guys!

I'm running ASA 8.0(4) code and trying to do NAC Framework on it to posture my VPN clients. However, anytime client "VPNs" in, it gets "clientless". Here is the log snip:

%ASA-6-335001: NAC session initialized -

%ASA-5-335003: NAC Default ACL applied, ACL:aclNACDefault -

%ASA-6-334001: EAPoUDP association initiated -

%ASA-5-334006: EAPoUDP failed to get a response from host -

%ASA-6-334004: Authentication request for NAC Clientless host -

%ASA-5-335003: NAC Default ACL applied, ACL:aclNACDefault -

%ASA-5-334005: Host put into NAC Hold state -

%ASA-6-334007: EAPoUDP association terminated -

CTA is running and it's 2.1.103. Personal FW is off and CTA is working fine with the switch as a NAD.


Re: EAPoUDP failed to get a response from host

You may want to do a sanity check on whether or not ASA is sourcing the EoU traffic from the correct interface.

Does a packet capture on the client then clear eou on the ASA. Make sure EoU traffic is sourced from the ASA's.

New Member

Re: EAPoUDP failed to get a response from host

Thanx mchin345,

I did the packet capture and only caught two packets, both sourced from my physical LAN adapter's IP, port UDP/21862, and with destionation ASA's outside interface, port UDP/1024. There were no reply cought, though.

Isn't this odd? I would expect this to be sourced from ASA's port greater than 1024 and destination to be UDP/21862. At least that. Aside the fact that communication is going "outside" the tunnel, which is not possible, when the tunnel is up.

I did the capture using my laptop and wireshark.

Am I mistaking on this?



CreatePlease login to create content