Hello. I have two 2530 switches setup: SwitchA with ports set as 802.1x authenticators. SwitchB with an uplink port set up as an 802.1x supplicant. When connecting SwitchB to SwitchA, SwitchA successfully authenticates SwitchB. I can see the access approved on the NPS server and traffic flows between the two switches.
However, the next day I noticed in the logs that the NPS server had been authenticating SwitchB every 30 since I plugged it in. On SwitchB, I ran "show port-access supplicant" which shows the supplicant port was in the "Acquired" state instead of "Authenticated".
So I connected to SwitchA and did "show port-access authenticator clients" which gave the following output:
Port Client Name MAC Address IP Address Client Status
----- ----------------- ------------------- --------------- --------------------
19 0180c2-000003 n/a Connecting
19 SwitchB 5065f3-xxxxxx n/a Authenticated
I can see SwitchB is authenticated which is why traffic is flowing. But the first entry with the "Connecting" status is what seems to be the problem. The port keeps telling SwitchB to authenticate which is why the NPS server is doing so every 30 seconds. I know that MAC is an IEEE reserved address. Why would an authenticator port treat it as a device that needs authenticated?
------------------------------
John Puckett
------------------------------