Wired Intelligent Edge


Port-access: authenticated client disconnects unauthenticated clients

  • 1.  Port-access: authenticated client disconnects unauthenticated clients

    Posted Oct 19, 2011 11:04 AM

    We are using port-access in some parts of our network to separate trusted and untrusted clients. Because we have desktop switches, we have set the client-limit to more than one, as follows:

     

    aaa port-access authenticator 2
    aaa port-access authenticator 2 unauth-vid 9
    aaa port-access authenticator 2 client-limit 8
    aaa port-access authenticator active

     

    When we have several unauthenticated clients attached, all is well and they are correctly placed in VLAN 9. When multiple authenticated clients are attached, it also works fine. The problems start when we try to mix these clients: then all unauthenticated clients lose their connection when an authenticated client connects to the switch.

     

    I don't understand why this is happening. From the documentation I get that the client-limit enables 802.1X and adds port-based ACLs.

     

    Any help is greatly appreciated!

     



  • 2.  RE: Port-access: authenticated client disconnects unauthenticated clients

    Posted Oct 19, 2011 11:08 AM
    Hmmm... this may explain this problem further:

    "If all clients use the same configuration this should not be a problem. But if the RADIUS server responds with different configurations for different clients, then the last client authenticated will effectively lock out any previously authenticated client." (From the configuring port-based access guide)
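
An added example, not part of either post and not vendor code: a small audit script that reads switch configuration in the syntax shown in the first post and lists the ports that combine `unauth-vid` with a `client-limit` above one, the combination the thread reports trouble with. The sample configuration is constructed, and purely numeric port names and port lists such as `3-4,6` are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample config (not from the thread), same syntax as the first post.
SAMPLE_CONFIG = """\
aaa port-access authenticator 2
aaa port-access authenticator 2 unauth-vid 9
aaa port-access authenticator 2 client-limit 8
aaa port-access authenticator 3-4,6 unauth-vid 9
aaa port-access authenticator 3 client-limit 1
aaa port-access authenticator 5 client-limit 4
aaa port-access authenticator 6-7 client-limit 2
aaa port-access authenticator active
"""

# Port list (assumed numeric, e.g. "2" or "3-4,6"), then an optional setting.
LINE_RE = re.compile(
    r"^aaa port-access authenticator (?P<ports>\d+(?:-\d+)?(?:,\d+(?:-\d+)?)*)"
    r"(?: (?P<key>unauth-vid|client-limit) (?P<value>\d+))?$"
)

def expand_ports(spec):
    """Expand a port list such as '3-4,6' into [3, 4, 6]."""
    ports = []
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        ports.extend(range(int(lo), int(hi or lo) + 1))
    return ports

def parse_authenticator_ports(config_text):
    """Return {port: {setting: value}} for every authenticator port."""
    ports = defaultdict(dict)
    for raw in config_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # the global 'active' line and unrelated config
        for port in expand_ports(m["ports"]):
            if m["key"]:
                ports[port][m["key"]] = int(m["value"])
            else:
                ports[port]  # authenticator enabled, no extra setting
    return dict(ports)

def mixed_client_risk(config_text):
    """Ports that have an unauth VLAN and admit more than one 802.1X client."""
    return sorted(
        port for port, s in parse_authenticator_ports(config_text).items()
        if "unauth-vid" in s and s.get("client-limit", 0) > 1
    )

if __name__ == "__main__":
    for port in mixed_client_risk(SAMPLE_CONFIG):
        print(f"port {port}: unauth-vid combined with client-limit > 1")
```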