Security

Reply
Contributor I
Posts: 29
Registered: ‎05-09-2013

Cisco switch :"PRE Event Handling - apply dummy user profile (2)"

HI Aruba,

 

We encounter issue in which the computer which is a domain PC and using valid domain AD ID is being drop due to "PRE Event Handling". Any related case for this?

 

This is the output of the " show authentication session interface G2/0/1 policy"

Model: 3750X

IOS: 15.2(1)E1

 


SWITCH-3750X-ES01#sho authentication sessions interface g2/0/1 policy
            Interface:  GigabitEthernet2/0/1
          MAC Address:  xxxx.xxxx.xxxx
         IPv6 Address:  Unknown
         IPv4 Address:  Unknown
            User-Name:  DOMAIN\valid_id
               Status:  Unauthorized
               Domain:  DATA
       Oper host mode:  multi-auth
     Oper control dir:  in
      Session timeout:  N/A
    Common Session ID:  0ABE01D1000002C54E806445
      Acct Session ID:  Unknown
               Handle:  0x7200029D
       Current Policy:  POLICY_Gi2/0/1
           Blocked On:  PRE Event Handling - apply dummy user profile (2)

Local Policies:
        Template: DEFAULT_LINKSEC_POLICY_SHOULD_SECURE (priority 150)
      Security Policy:  Should Secure
      Security Status:  Link Unsecure

Server Policies:
       Linksec Policy:  NONE

Resultant Policies:
      Security Policy:  Should Secure
      Security Status:  Link Unsecure

Method status list:
       Method           State
       dot1x            Authc Success

Thank you.

Aruba
Posts: 1,526
Registered: ‎06-12-2012

Re: Cisco switch :"PRE Event Handling - apply dummy user profile (2)"

What errors or respons are you seeing in CPPM when the client connects?

Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Contributor I
Posts: 29
Registered: ‎05-09-2013

Re: Cisco switch :"PRE Event Handling - apply dummy user profile (2)"

Hi Tarnold,

 

Thanks for your reply.

 

From the accesstracker the user is being accepted. but I noticed that the CoA keeps triggering even the endpoint is already profiled (see attached CoA screenshot). We encounter this issue only in cisco switch 3750X IOS version 15.2(1)E1. So far it only happen twice.We temporarlity set the port to "authentication open" to allow the user.

 

 

From the switch we don't see the mac address of the device in the CAM table. but the Authentication session is still there in the port.

 

Thanks.

Aruba
Posts: 1,526
Registered: ‎06-12-2012

Re: Cisco switch :"PRE Event Handling - apply dummy user profile (2)"

If you are not having any issues with other IOS versions, then I would start by troubleshooting the switch. If the same service works fine on other IOS versions then their must have been a change in that version. 

 

Are you having the same issue with the same switch with a different IOS?

 

At the same time you should also open a TAC case so they can also double check your service. 

Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Contributor I
Posts: 29
Registered: ‎05-09-2013

Re: Cisco switch :"PRE Event Handling - apply dummy user profile (2)"

We have a lot of 3750X model which is using older IOS below 15.2(1)E1. the behavior is that the mac address is being drop when enabling the 802.1x. I have try the mac-move, clear the authentication session, and CoA from the CPPM still dosen't work.

 

Will open a TAC case. Thanks

 

 

Search Airheads
Showing results for 
Search instead for 
Did you mean: