5420F and macmon
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎08-01-2022 04:51 AM
Dear community,
we have one problem with our new Switches from Extreme an macmon nac. All of the new Switches doesn't show the correct 802.1X Status in macmon. They show "unauthorized" although they are authorized. It seems as if the 802.1X MAC Bypass isn't correct. The 802.1X radius looks good.
Any idea? Any experiences with this topic?
Thanks an kind regards
Franz
we have one problem with our new Switches from Extreme an macmon nac. All of the new Switches doesn't show the correct 802.1X Status in macmon. They show "unauthorized" although they are authorized. It seems as if the 802.1X MAC Bypass isn't correct. The 802.1X radius looks good.
Any idea? Any experiences with this topic?
Thanks an kind regards
Franz
15 REPLIES 15
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎08-02-2022 08:48 AM
The second client shows "Auth status: failed" for 802.1x, so there is something wrong with the 802.1x config. It depends on the end-system what happens in such a case... Some end-systems will stop doing 802.1x Auth and fallback to mac-auth, but others won't function, depending on the configuration. (afaik)
On windows this is called "Fallback to unautorized network access" I believe.
On windows this is called "Fallback to unautorized network access" I believe.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎08-02-2022 08:26 AM
Which part of Switch configuration do you need and how can i share this?
"show netlogin session port x" files are attached. The second one is from a printer, but the bahaviour is the same.
"show netlogin session port x" files are attached. The second one is from a printer, but the bahaviour is the same.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎08-02-2022 07:56 AM
Care to share your switch config (the relevant parts)? And also share a "show netlogin session port x", preferably of a port where a user is connect and of a port where a camera is connected.
Best regards
Stefan
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎08-02-2022 07:42 AM
Hi and Thank you for the response,
yes, we use macmon as radius server. I don't know how macmon determine the port status.
MAC bypass, i mean that there are devices without username, password and / or certifikate. This devices will explicit released with them mac-address. This devices are for e.g. accesspoints or cams. We use macmon to monitor this devices and react before there are problems. A User call us because the client have no connection. A camera doesn't this.
yes, we use macmon as radius server. I don't know how macmon determine the port status.
MAC bypass, i mean that there are devices without username, password and / or certifikate. This devices will explicit released with them mac-address. This devices are for e.g. accesspoints or cams. We use macmon to monitor this devices and react before there are problems. A User call us because the client have no connection. A camera doesn't this.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
‎08-02-2022 07:22 AM
Hi,
what do you mean with "802.1x MAC bypass"?
Just to make sure: Everything is working fine, clients are working and are authorized, but in Macmon you see that they are unauthorized?
what do you mean with "802.1x MAC bypass"?
Just to make sure: Everything is working fine, clients are working and are authorized, but in Macmon you see that they are unauthorized?
