Wired1

last person joined: 12 hours ago 

HP2930F : Issue with 802.1X authentication and cirtical vlan when radius are unreachable

This thread has been viewed 11 times
  • 1.  HP2930F : Issue with 802.1X authentication and cirtical vlan when radius are unreachable

    Posted Mar 09, 2021 10:42 AM
    Hi All

    I have a use case , that i'm not able to understand or correct

    I'm using 802.1X authentication , and mac-based authentication, when radius are Up , all is working fine,
    When radius are unreachable , i 'm using critical-auth with voice-vlan and data vlan

    Here is the setup

    interface 1/39
    qos trust dscp
    untagged vlan 270
    aaa port-access authenticator
    aaa port-access authenticator logoff-period 86400
    aaa port-access authenticator client-limit 3
    aaa port-access mac-based
    aaa port-access mac-based addr-limit 3
    aaa port-access mac-based logoff-period 86400
    aaa port-access controlled-direction in
    aaa port-access critical-auth voice-vlan 272
    aaa port-access critical-auth data-vlan 279
    spanning-tree admin-edge-port
    spanning-tree bpdu-protection
    exit

    When i changed the IP of the Radius server to an IP that doesn't exist , i found my client in dneyall state , but not in critical Vlan , any idea of what is missing ?

    Best Regards

    ------------------------------
    Vicky GAUDIN ACSP certififed
    ------------------------------