Extreme Networks

Richard_Applebe · ‎03-21-2017

In the process of rolling out wired 802.1x authentication and going smoothly so far. Have one workstation that shows Auth status of success but no policy gets applied to the port. Does anyone have an idea of what might be going on here?

Richard_Applebe · ‎03-21-2017

It helps if one has remembered to enforce most recent policy changes down to switch. Sorry about that.

Keene__Scott · ‎03-21-2017

Hi Richard,

What is the switch model? Run a "show multi-auth session" command for the port in question and see if there is a session for the device/user in question. It would be odd that the switch apply a session for some users and apply that policy but not other users if the same RADIUS server sent the same Filter-Id in both cases. In the show multi-auth session output there should be a PID number that matches the policy name up, as seen in the output of the "show policy profile all" command. If the PID is incorrect or missing for the session/user in question but is accurate/present with other sessions that have the same policy name, then you should probably call in and open a case with the GTAC's Switching group to see what's going on there.

Regards,

Scott Keene

Richard_Applebe · ‎03-21-2017

Yes and yes. This is working for roughly 30 people in the building I am working on. It is just the one workstation that is not picking up a policy.

Keene__Scott · ‎03-21-2017

Hi Richard,

Did your RADIUS server send a policy (Filter-Id) to the switch during the authentication? if so, does that policy exist on the switch?

Regards,

Scott Keene
NMS/NAC Support

Extreme Networks

802.1x success but no policy applied

802.1x success but no policy applied