Wireless (General)

 View Only
Expand all | Collapse all

How should configuration for multiple 802.1x sesions look like on x440?

  • 1.  How should configuration for multiple 802.1x sesions look like on x440?

    Posted 12-17-2021 08:31

    Hi
    I need to configure switch port for AP. On AP i will broadcast wireless network based on 802.1x authentication.
    probably i shud see multiple user netlogin sesions on that port. Now what i see is onlu 1 policy applied for accesspoint and meny sesions whitout any policy applied.

    it look like that:

    test-switch-11.15 # sh netlog session por 3
    Multiple authentication session entries
    ---------------------------------------

    Port : 3 Station address : 00:dc:b2:39:d4:12
    Auth status : failed Last attempt : Fri Dec 17 13:03:41 2021
    Agent type : dot1x Session applied : false
    Server type : radius VLAN-Tunnel-Attr : None
    Policy index : 0 Policy name : No Policy applied
    Session timeout : 0 Session duration : 0:00:00
    Idle timeout : 300 Idle time : 0:00:00
    Auth-Override : disabled Termination time : Not Terminated


    Port : 3 Station address : 00:dc:b2:39:d4:12
    Auth status : success Last attempt : Fri Dec 17 12:57:51 2021
    Agent type : mac Session applied : true
    Server type : radius VLAN-Tunnel-Attr : None
    Policy index : 33 Policy name : 0-ACCESSPOINT Auth (active)
    Session timeout : 0 Session duration : 1:14:18
    Idle timeout : 300 Idle time : 0:00:00
    Auth-Override : disabled Termination time : Not Terminated


    Port : 3 Station address : 4c:eb:42:e8:af:e9
    Auth status : failed Last attempt : Fri Dec 17 12:27:50 2021
    Agent type : dot1x Session applied : false
    Server type : radius VLAN-Tunnel-Attr : None
    Policy index : 0 Policy name : No Policy applied
    Session timeout : 0 Session duration : 0:00:00
    Idle timeout : 300 Idle time : 0:00:00
    Auth-Override : disabled Termination time : Not Terminated

    Accesspoint is autenticated by MAC and applied role contains one nativ vlan for AP management and multiple egress vlans.

    Additionally when im connecting to wireless network im reciveing proper role on AP whitch my Xtreme Campus controler apply to that connection - but when im looking at Xtreme Network Management End systems it looks like after few minutes my session was deautenticated by switch

    1
    2

    I dont know how to fix it to make 802.1x stable and autenticate user only by it



  • 2.  RE: How should configuration for multiple 802.1x sesions look like on x440?

    Posted 12-17-2021 13:19
    Hi Marek,

    no need to do 802.1X authentication twice = wireless and wired.

    Just set the role for the AP authentication to "AP aware" as described in the KB article below.

    How to enable the AP Aware Feature in Extreme Management Center Policy Manager

    -Ron