cancel
Showing results for 
Search instead for 
Did you mean: 

UAC 802.1x enabled or static vlan issue!

jiangzhengpei_
Occasional Contributor

UAC 802.1x enabled or static vlan issue!

Hi everybody,

 

we deploy ic with 802.1x,radius client have 2 vender production,one is cisco 3750 and the other one is huawei 5300;

the topology about like this:

LDAP-----IC----ssg550m-----cisco/huawei switches----pcs

 

1. user role mapping based one ad/ldap member group;

2.802.1x auth protocol sets is eap-peap and pap,peap use eap-juac;

3.all roles hostchecker enabled;

4.801.2x use radius attbute to assign vlan daymic;

5.ssg550m use redundant interface,about 10 sub redundant and be putted in a apart vlan,every sub interface with dhcp relay enabled;

 

now the problem is :

1.if cisco switch interface 802.1x enabled,oac sign in will be quickly about 5-10s;

2.on cisco switch and huawei switch ,if we put this interface in a static vlan,just establish l3 authentication,the oac sign in will have much time,about 5-30min;

 

can anybody help me?

6 REPLIES 6
Raveen_
Regular Contributor

Re: UAC 802.1x enabled or static vlan issue!

Hi,

 

1. What is the OS used, is it windows xp or windows 7?

2. You mean to say that you have issues only with L3 authentication where dot1x is disabled in switch port?

3. Can you attach OAC logs and switch configuration?

 

Regards,

Raveen

 

jiangzhengpei_
Occasional Contributor

Re: UAC 802.1x enabled or static vlan issue!

1. What is the OS used, is it windows xp or windows 7?

R:windows 7 32/64 bit

2. You mean to say that you have issues only with L3 authentication where dot1x is disabled in switch port?

R:yes

3. Can you attach OAC logs and switch configuration?

R:below is cisco interface config when use 802.1x auto control

interface FastEthernet1/0/11  switchport mode access  authentication event no-response action authorize vlan 234  authentication port-control auto  dot1x pae authenticator  spanning-tree portfast  spanning-tree bpduguard enable 

below is cisco interface config when put it in a static vlan

interface FastEthernet2/0/23  switchport access vlan 234  switchport mode access !

 there is no odyssey client logs.

 

 

Raveen_
Regular Contributor

Re: UAC 802.1x enabled or static vlan issue!

If there are no OAC logs, then how are you establishing L3 connection?

Is it via a browser session? what is the browser that you use for tesitng?

 

Regards,

Raveen

 

jiangzhengpei_
Occasional Contributor

Re: UAC 802.1x enabled or static vlan issue!

hi Raveen,

 

now there is no odyssey logs,because i am not at office.

tomorrow i will be at office,and will collect the odyssey client logs to you.

 

thank you very much!

Raveen_
Regular Contributor

Re: UAC 802.1x enabled or static vlan issue!

Alright, while uploading the logs, also mention ESAP and UAC version that is in use.

 

Regards,

Raveen

 

jiangzhengpei_
Occasional Contributor

Re: UAC 802.1x enabled or static vlan issue!

pls suspend this issue,the problem disappear temporarily!

if again,i will be upload something here,thank you ver much!