Hi Folks,
I'm using 802.1x with 3810 switch and Clearpass.
If Clearpass is inaccessible, I am planning Siwtch to assign the user in a static vlan and continue to working locally.
When Clearpass is inaccessible remains the user in the Conecting state and there is no vlan assignment.
I made the following settings for this and the debug outputs are below which is just after the Clearpass is inaccessible by the switch.
Is there a any other way to stabilize this. Thank you.
--------------------------------------------------------
radius-server dead-time 3
aaa authentication port-access eap-radius authorized
interface 1/1
broadcast-limit 2
untagged vlan 1099
aaa port-access authenticator
aaa port-access authenticator tx-period 60
aaa port-access authenticator supplicant-timeout 120
aaa port-access authenticator max-requests 3
aaa port-access authenticator reauth-period 10
aaa port-access authenticator client-limit 1
aaa port-access mac-based
exit
sw-k1-stack# show port-acc auth clie 1/1 det
Port Access Authenticator Client Status Detailed
Port-access authenticator activated [No] : Yes
Allow RADIUS-assigned dynamic (GVRP) VLANs [No] : No
Use LLDP data to authenticate [No] : No
Client Base Details :
Port : 1/1
Client Status : Connecting Session Time : 0 seconds
Client name : Session Timeout : 0 seconds
IP : n/a MAC Address : 001e33-0d5c6e
Access Policy Details :
COS Map : Not Defined In Limit Kbps : Not Set
Untagged VLAN : Not Set Out Limit Kbps : Not Set
Tagged VLANs : No Tagged VLANs
Port Mode : 1000FDx
RADIUS ACL List : No Radius ACL List
--------------------------------------------------------