Long story short, dot1x is working. However, I would like to try and reduce the load on my CPPM server by figuring out why the ports are authenticating so often.
I had a very similar problem with my HP 1910/3com switches and the fix was to disable the multicast-trigger setting on all of the dot1x ports.
We just got this new switch to replace those switches and we're running into the same problem we were, but now I don't seem to be able to find a way to turn off multicast-triggers.
This is what the config on an example port looks like:
HP-2530-48G-PoEP(config)# display dot1x interface 2
Equipment 802.1X protocol is enabled
CHAP authentication is n/a
Proxy trap checker is n/a
Proxy logoff checker is n/a
EAD quick deploy is n/a
Configuration: Transmit Period 30 s, Handshake Period n/a
Quiet Period 60 s, Quiet Period Timer is n/a
Supp Timeout 15 s, Server Timeout 300 s
Reauth Period 7200 s
The maximal retransmitting times 2
EAD quick deploy configuration:
EAD timeout: n/a
The maximum 802.1X user resource number is n/a per slot
Total current used 802.1X resource number is n/a
2 is link-up
802.1X protocol is enabled
Proxy trap checker is n/a
Proxy logoff checker is n/a
Handshake is n/a
Handshake secure is n/a
802.1X unicast-trigger is n/a
Periodic reauthentication is enabled
The port is an authenticator
Authentication Mode is Auto
Port Control Type is n/a
802.1X Multicast-trigger is n/a
Mandatory authentication domain: n/a
Guest VLAN: 0
Auth-Fail VLAN: n/a
Max number of on-line users is 8
EAPOL Packet: Tx n/a, Rx n/a
Sent EAP Request/Identity Packets : 317
EAP Request/Challenge Packets: 914
EAP Request/Challenge Packets: 914
Received EAPOL Start Packets : 18
EAPOL LogOff Packets: 0
EAP Response/Identity Packets : 284
EAP Response/Challenge Packets: 906
Error Packets: 0
Controlled User(s) amount to n/a
Can anyone help me out?