Hi All
I have a use case , that i'm not able to understand or correct
I'm using 802.1X authentication , and mac-based authentication, when radius are Up , all is working fine,
When radius are unreachable , i 'm using critical-auth with voice-vlan and data vlan
Here is the setup
interface 1/39
qos trust dscp
untagged vlan 270
aaa port-access authenticator
aaa port-access authenticator logoff-period 86400
aaa port-access authenticator client-limit 3
aaa port-access mac-based
aaa port-access mac-based addr-limit 3
aaa port-access mac-based logoff-period 86400
aaa port-access controlled-direction in
aaa port-access critical-auth voice-vlan 272
aaa port-access critical-auth data-vlan 279
spanning-tree admin-edge-port
spanning-tree bpdu-protection
exit
When i changed the IP of the Radius server to an IP that doesn't exist , i found my client in dneyall state , but not in critical Vlan , any idea of what is missing ?
Best Regards
------------------------------
Vicky GAUDIN ACSP certififed
------------------------------