Security

Hi everyone;

User using 802.1X can not connect to the wireless network and looking on the logs is showing the following message:

<ERRS> |authmgr|  Dropping the radius packet for Station 00:21:6a:4f:f6:8c d8:c7:c8:11:05:91 doing 802.1x

Thank you for your help

Wilson

Please check the number of timeouts on the radius server using the following command

"show aaa authentication-server radius statistics"

Also, check the event viewer on the RADIUS server and see if Access-Request is making it to the server. 

Hi Hthakker,

I have issued the command "show aaa authentication-server radius statistics" is showing 48 timeout, but I have tested a ping from the controller to the radius server and it answer well. the user on LAN autheticate using the same Radius server and they don't have any problem.

I appreciated if you have any other suggestion.

Thanks for your help

Wilson

Wison, 

Pick as user that is not able to authenticate and enable debugging for that particular user 

config terminal 

logging level debugging user-debug <user-mac> 

As mentioned in the previous post, it would be beneficial to look into the event viewer of the RADIUS server and check for the users that are not able to authenticate. The event viewer should have an event for authentication response. 

Also, as mentioned by Sathya, run the command "show auth-tracebuf" command that will show the sequence of steps for the user authentication. 

Another command that would be useful is the "show auth-tracebuf" which will show you the deatils for the authentication process

Regards,

Sathya