This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ExtremeControl - Issue - Unexpected NEAP ReAuth

ExtremeControl - Issue - Unexpected NEAP ReAuth

Guilhem_Lejeune
New Contributor II

2 weeks ago

Hi,

Devices involved :

  • ExtremeCloud IQ Site Engine version 24.2.15.5
  • ExtremeControl version 24.2.15.5
  • Fabric-Engine 5420F-48P-4XE version 8.10.5
  • Windows PC

Windows PC first authentication is OK (we use 802.1x PEAP MSCHAPv2).

After 10 minutes, ExtremeControl sends RADIUS CoA Disconnect message to reauthenticate the PC.
The problem is, ExtremeControl receive NEAP Access-Request and the PC is placed in quarantine.

Of course, I expect EAP Reauth.

 

Troubleshoot actions done :

  • Deactivate NEAP auth on acces port (on the switch) : OK but we want to keep the port configuration as generic as possible.
  • Force Windows supplicant to do 802.1x EAP only : OK but there are some side effects when the PC is back on a non-NACed network.

 

Maybe CoA message sent from the NAC is malformed ?

Here the reauth parameters for the switch :

Guilhem_Lejeune_1-1727293608632.png

 

Do I have to fix something ?

Regards

0 Kudos
5 REPLIES 5

Zdeněk_Pala
Extreme Employee

2 weeks ago

Check the time (NTP) on switch and Access Control Engine.
Check the shared secret for your CoA.

Or use default SNMP instead of RFC3576
I know switch supports both, but SNMP works better in some scenarios.

Regards Zdeněk Pala
0 Kudos
GTM-P2G8KFN