DHCP Issue on Cisco 2960
I have an device that use Multicast and is unable to aquire an ip address when connected to a 2960 switch. I have a 3560 switch that is configured with the DHCP scope. We have DHCP pool configured. layer 2, and layer 3 switch's.
Basically what’s happing is that if we connect the device to the switch it does not get a DHCP address however if we apply a static address it works. Now I have duplicated this in the lab and the everything works fine, the only difference is that I have a different IOS on my Lab switch. The only thing i can think of is the IOS.
Any help would be appreciated.
The IOS on the 2960 is flash:c2960-lanbasek9-mz.122-55.SE7.
Hi Anil,
I need to know the mac-address of the client as i see two different DHCP Requests from:
0100.237d.14b5
and
0198.fe94.dcd6
Moreover i see only one DHCP pool on the layer 3 switch:
ip dhcp pool
network 10.65.117.0 255.255.255.0
dns-server 198.6.1.122 198.6.1.142 8.8.8.8
default-router 10.65.117.1
And as you said that it should pick IP address from vlan2, but i dont see any pool for vlan2 on the contrary you did mention that if you connect your laptop on that port it does pick IP address from vlan 2. its actually very weird.
If possible collect the wireshark captures from machine interface for more debugging. i want to see the DHCP process. and let me know if you need any help in collecting captures
Regards,
RS
Similar Messages
-
IEEE 802.1x with EAP-TLS issue in cisco 2960
In My Cisco 2960 switch is not working with EAP-TLS mechanism of 802.1x but its works well with other protocols like EAP-PEAP or MAC Address authentication.
Below is the configuration
aaa authentication login default group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authentication dot1x default group radius
aaa authorization commands 15 default group tacacs+ local
aaa authorization network default group radius
aaa authorization configuration default group radius
aaa accounting update periodic 30
aaa accounting dot1x default start-stop group radius
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 0 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa accounting network default start-stop group tacacs+
aaa accounting connection default start-stop group tacacs+
aaa accounting system default start-stop group tacacs+
interface FastEthernet0/1
switchport access vlan 11
switchport mode access
speed 100
duplex full
authentication order dot1x mab webauth
authentication port-control auto
mab
dot1x pae authenticator
dot1x timeout tx-period 3
dot1x timeout supp-timeout 3
spanning-tree portfast
spanning-tree bpduguard enable
Can anyone suggest me ?Thanks for the reply jatin.
I have a client on the interface fa0/1 with a valid client certificate. And have a debug logs as below
*Mar 8 00:03:06.266: dot1x-ev(Fa0/1): Interface state changed to UP
*Mar 8 00:03:06.266: AAA/BIND(000001C7): Bind i/f
*Mar 8 00:03:06.266: dot1x_auth Fa0/1: initial state auth_initialize has enter
*Mar 8 00:03:06.266: dot1x-sm(Fa0/1): 0xB0000DBA:auth_initialize_enter called
*Mar 8 00:03:06.266: dot1x_auth Fa0/1: during state auth_initialize, got event 0(cfg_auto)
*Mar 8 00:03:06.266: @@@ dot1x_auth Fa0/1: auth_initialize -> auth_disconnected
*Mar 8 00:03:06.266: dot1x-sm(Fa0/1): 0xB0000DBA:auth_disconnected_enter called
*Mar 8 00:03:06.266: dot1x_auth Fa0/1: idle during state auth_disconnected
*Mar 8 00:03:06.266: @@@ dot1x_auth Fa0/1: auth_disconnected -> auth_restart
*Mar 8 00:03:06.266: dot1x-sm(Fa0/1): 0xB0000DBA:auth_restart_enter called
*Mar 8 00:03:06.266: dot1x-ev(Fa0/1): Sending create new context event to EAP for 0xB0000DBA (0000.0000.0000)
*Mar 8 00:03:06.266: dot1x_auth_bend Fa0/1: initial state auth_bend_initialize has enter
*Mar 8 00:03:06.266: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_initialize_enter called
*Mar 8 00:03:06.266: dot1x_auth_bend Fa0/1: initial state auth_bend_initialize has idle
*Mar 8 00:03:06.266: dot1x_auth_bend Fa0/1: during state auth_bend_initialize, got event 16383(idle)
*Mar 8 00:03:06.266: @@@ dot1x_auth_bend Fa0/1: auth_bend_initialize -> auth_bend_idle
*Mar 8 00:03:06.266: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_idle_enter called
*Mar 8 00:03:06.266: dot1x-ev(Fa0/1): Created a client entry (0xB0000DBA)
*Mar 8 00:03:06.266: dot1x-ev(Fa0/1): Dot1x authentication started for 0xB0000DBA (0000.0000.0000)
*Mar 8 00:03:06.266: dot1x-ev:DOT1X Supplicant not enabled on FastEthernet0/1
*Mar 8 00:03:06.266: dot1x-sm(Fa0/1): Posting !EAP_RESTART on Client 0xB0000DBA
*Mar 8 00:03:06.266: dot1x_auth Fa0/1: during state auth_restart, got event 6(no_eapRestart)
*Mar 8 00:03:06.266: @@@ dot1x_auth Fa0/1: auth_restart -> auth_connecting
*Mar 8 00:03:06.266: dot1x-sm(Fa0/1): 0xB0000DBA:auth_connecting_enter called
*Mar 8 00:03:06.274: dot1x-sm(Fa0/1): 0xB0000DBA:auth_restart_connecting_action called
*Mar 8 00:03:06.274: dot1x-sm(Fa0/1): Posting RX_REQ on Client 0xB0000DBA
*Mar 8 00:03:06.274: dot1x_auth Fa0/1: during state auth_connecting, got event 10(eapReq_no_reAuthMax)
*Mar 8 00:03:06.274: @@@ dot1x_auth Fa0/1: auth_connecting -> auth_authenticating
*Mar 8 00:03:06.274: dot1x-sm(Fa0/1): 0xB0000DBA:auth_authenticating_enter called
*Mar 8 00:03:06.274: dot1x-sm(Fa0/1): 0xB0000DBA:auth_connecting_authenticating_action called
*Mar 8 00:03:06.274: dot1x-sm(Fa0/1): Posting AUTH_START for 0xB0000DBA
*Mar 8 00:03:06.274: dot1x_auth_bend Fa0/1: during state auth_bend_idle, got event 4(eapReq_authStart)
*Mar 8 00:03:06.274: @@@ dot1x_auth_bend Fa0/1: auth_bend_idle -> auth_bend_request
*Mar 8 00:03:06.274: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_request_enter called
*Mar 8 00:03:06.274: dot1x-ev(Fa0/1): Sending EAPOL packet to group PAE address
*Mar 8 00:03:06.274: dot1x-ev(Fa0/1): Role determination not required
*Mar 8 00:03:06.274: dot1x-registry:registry:dot1x_ether_macaddr called
*Mar 8 00:03:06.274: dot1x-ev(Fa0/1): Sending out EAPOL packet
*Mar 8 00:03:06.274: EAPOL pak dump Tx
*Mar 8 00:03:06.274: EAPOL Version: 0x3 type: 0x0 length: 0x0005
*Mar 8 00:03:06.274: EAP code: 0x1 id: 0x1 length: 0x0005 type: 0x1
*Mar 8 00:03:06.274: dot1x-packet(Fa0/1): EAPOL packet sent to client 0xB0000DBA (0000.0000.0000)
*Mar 8 00:03:06.274: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_idle_request_action called
*Mar 8 00:03:06.794: dot1x-ev(Fa0/1): Role determination not required
*Mar 8 00:03:06.794: dot1x-packet(Fa0/1): queuing an EAPOL pkt on Auth Q
*Mar 8 00:03:06.794: dot1x-ev:Enqueued the eapol packet to the global authenticator queue
*Mar 8 00:03:06.794: EAPOL pak dump rx
*Mar 8 00:03:06.794: EAPOL Version: 0x1 type: 0x1 length: 0x0000
*Mar 8 00:03:06.794: dot1x-ev:
dot1x_auth_queue_event: Int Fa0/1 CODE= 0,TYPE= 0,LEN= 0
*Mar 8 00:03:06.794: dot1x-packet(Fa0/1): Received an EAPOL frame
*Mar 8 00:03:06.794: dot1x-ev(Fa0/1): Received pkt saddr =d43d.7e65.4fc1 , daddr = 0180.c200.0003,
pae-ether-type = 888e.0101.0000
*Mar 8 00:03:06.794: dot1x-ev(Fa0/1): Couldn't find the supplicant in the list
*Mar 8 00:03:06.794: dot1x-ev(Fa0/1): New client detected, notifying AuthMgr
*Mar 8 00:03:06.794: dot1x-ev(Fa0/1): Sending event (0) to Auth Mgr for d43d.7e65.4fc1
*Mar 8 00:03:06.794: dot1x-packet(Fa0/1): Received an EAPOL-Start packet
*Mar 8 00:03:06.794: EAPOL pak dump rx
*Mar 8 00:03:06.794: EAPOL Version: 0x1 type: 0x1 length: 0x0000
*Mar 8 00:03:06.794: dot1x-sm(Fa0/1): Posting EAPOL_START on Client 0xB0000DBA
*Mar 8 00:03:06.794: dot1x_auth Fa0/1: during state auth_authenticating, got event 4(eapolStart)
*Mar 8 00:03:06.794: @@@ dot1x_auth Fa0/1: auth_authenticating -> auth_aborting
*Mar 8 00:03:06.794: dot1x-sm(Fa0/1): 0xB0000DBA:auth_authenticating_exit called
*Mar 8 00:03:06.794: dot1x-sm(Fa0/1): 0xB0000DBA:auth_aborting_enter called
*Mar 8 00:03:06.794: dot1x-ev(Fa0/1): 802.1x method gets the go ahead from Auth Mgr for 0xB0000DBA (d43d.7e65.4fc1)
*Mar 8 00:03:06.794: %AUTHMGR-5-START: Starting 'dot1x' for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID 0A1AED0B000000EE240F5BAB
*Mar 8 00:03:06.794: dot1x-sm(Fa0/1): Posting AUTH_ABORT for 0xB0000DBA
*Mar 8 00:03:06.794: dot1x_auth_bend Fa0/1: during state auth_bend_request, got event 1(authAbort)
*Mar 8 00:03:06.794: @@@ dot1x_auth_bend Fa0/1: auth_bend_request -> auth_bend_initialize
*Mar 8 00:03:06.794: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_initialize_enter called
*Mar 8 00:03:06.794: dot1x_auth_bend Fa0/1: idle during state auth_bend_initialize
*Mar 8 00:03:06.794: @@@ dot1x_auth_bend Fa0/1: auth_bend_initialize -> auth_bend_idle
*Mar 8 00:03:06.794: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_idle_enter called
*Mar 8 00:03:06.794: dot1x-sm(Fa0/1): Posting !AUTH_ABORT on Client 0xB0000DBA
*Mar 8 00:03:06.794: dot1x_auth Fa0/1: during state auth_aborting, got event 20(no_eapolLogoff_no_authAbort)
*Mar 8 00:03:06.794: @@@ dot1x_auth Fa0/1: auth_aborting -> auth_restart
*Mar 8 00:03:06.794: dot1x-sm(Fa0/1): 0xB0000DBA:auth_aborting_exit called
*Mar 8 00:03:06.794: dot1x-sm(Fa0/1): 0xB0000DBA:auth_restart_enter called
*Mar 8 00:03:06.794: dot1x-ev(Fa0/1): Resetting the client 0xB0000DBA (d43d.7e65.4fc1)
*Mar 8 00:03:06.794: dot1x-ev(Fa0/1): Sending create new context event to EAP for 0xB0000DBA (d43d.7e65.4fc1)
*Mar 8 00:03:06.802: dot1x-sm(Fa0/1): 0xB0000DBA:auth_aborting_restart_action called
*Mar 8 00:03:06.802: dot1x-sm(Fa0/1): Posting !EAP_RESTART on Client 0xB0000DBA
*Mar 8 00:03:06.802: dot1x_auth Fa0/1: during state auth_restart, got event 6(no_eapRestart)
*Mar 8 00:03:06.802: @@@ dot1x_auth Fa0/1: auth_restart -> auth_connecting
*Mar 8 00:03:06.802: dot1x-sm(Fa0/1): 0xB0000DBA:auth_connecting_enter called
*Mar 8 00:03:06.802: dot1x-sm(Fa0/1): 0xB0000DBA:auth_restart_connecting_action called
*Mar 8 00:03:06.811: dot1x-sm(Fa0/1): Posting RX_REQ on Client 0xB0000DBA
*Mar 8 00:03:06.811: dot1x_auth Fa0/1: during state auth_connecting, got event 10(eapReq_no_reAuthMax)
*Mar 8 00:03:06.811: @@@ dot1x_auth Fa0/1: auth_connecting -> auth_authenticating
*Mar 8 00:03:06.811: dot1x-sm(Fa0/1): 0xB0000DBA:auth_authenticating_enter called
*Mar 8 00:03:06.811: dot1x-sm(Fa0/1): 0xB0000DBA:auth_connecting_authenticating_action called
*Mar 8 00:03:06.811: dot1x-sm(Fa0/1): Posting AUTH_START for 0xB0000DBA
*Mar 8 00:03:06.811: dot1x_auth_bend Fa0/1: during state auth_bend_idle, got event 4(eapReq_authStart)
*Mar 8 00:03:06.811: @@@ dot1x_auth_bend Fa0/1: auth_bend_idle -> auth_bend_request
*Mar 8 00:03:06.811: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_request_enter called
*Mar 8 00:03:06.811: dot1x-ev(Fa0/1): Sending EAPOL packet to group PAE address
*Mar 8 00:03:06.811: dot1x-ev(Fa0/1): Role determination not required
*Mar 8 00:03:06.811: dot1x-registry:registry:dot1x_ether_macaddr called
*Mar 8 00:03:06.811: dot1x-ev(Fa0/1): Sending out EAPOL packet
*Mar 8 00:03:06.811: EAPOL pak dump Tx
*Mar 8 00:03:06.811: EAPOL Version: 0x3 type: 0x0 length: 0x0005
*Mar 8 00:03:06.811: EAP code: 0x1 id: 0x1 length: 0x0005 type: 0x1
*Mar 8 00:03:06.811: dot1x-packet(Fa0/1): EAPOL packet sent to client 0xB0000DBA (d43d.7e65.4fc1)
*Mar 8 00:03:06.811: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_idle_request_action called
*Mar 8 00:03:06.811: dot1x-ev(Fa0/1): Role determination not required
*Mar 8 00:03:06.811: dot1x-packet(Fa0/1): Queuing an EAPOL pkt on Authenticator Q
*Mar 8 00:03:06.811: dot1x-ev:Enqueued the eapol packet to the global authenticator queue
*Mar 8 00:03:06.811: EAPOL pak dump rx
*Mar 8 00:03:06.811: EAPOL Version: 0x1 type: 0x0 length: 0x0022
*Mar 8 00:03:06.811: dot1x-ev:
dot1x_auth_queue_event: Int Fa0/1 CODE= 2,TYPE= 1,LEN= 34
*Mar 8 00:03:06.811: dot1x-packet(Fa0/1): Received an EAPOL frame
*Mar 8 00:03:06.811: dot1x-ev(Fa0/1): Received pkt saddr =d43d.7e65.4fc1 , daddr = 0180.c200.0003,
pae-ether-type = 888e.0100.0022
*Mar 8 00:03:06.811: dot1x-packet(Fa0/1): Received an EAP packet
*Mar 8 00:03:06.811: EAPOL pak dump rx
*Mar 8 00:03:06.811: EAPOL Version: 0x1 type: 0x0 length: 0x0022
*Mar 8 00:03:06.811: dot1x-packet(Fa0/1): Received an EAP packet from d43d.7e65.4fc1
*Mar 8 00:03:06.811: dot1x-sm(Fa0/1): Posting EAPOL_EAP for 0xB0000DBA
*Mar 8 00:03:06.811: dot1x_auth_bend Fa0/1: during state auth_bend_request, got event 6(eapolEap)
*Mar 8 00:03:06.811: @@@ dot1x_auth_bend Fa0/1: auth_bend_request -> auth_bend_response
*Mar 8 00:03:06.811: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_response_enter called
*Mar 8 00:03:06.811: dot1x-ev(Fa0/1): dot1x_sendRespToServer: Response sent to the server from 0xB0000DBA (d43d.7e65.4fc1)
*Mar 8 00:03:06.811: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_request_response_action called
*Mar 8 00:03:06.811: AAA/AUTHEN/8021X (000001C7): Pick method list 'default'
*Mar 8 00:03:06.819: RADIUS/ENCODE(000001C7):Orig. component type = DOT1X
*Mar 8 00:03:06.819: RADIUS(000001C7): Config NAS IP: 0.0.0.0
*Mar 8 00:03:06.819: RADIUS/ENCODE(000001C7): acct_session_id: 724
*Mar 8 00:03:06.819: RADIUS(000001C7): sending
*Mar 8 00:03:06.819: RADIUS/ENCODE: Best Local IP-Address 10.26.237.11 for Radius-Server 10.26.13.59
*Mar 8 00:03:06.819: RADIUS(000001C7): Send Access-Request to 10.26.13.59:1812 id 1645/83, len 251
*Mar 8 00:03:06.819: RADIUS: authenticator A1 79 FA E5 F4 B7 7F 4F - 2B 73 3A 0D 1F D8 89 20
*Mar 8 00:03:06.819: RADIUS: User-Name [1] 31 "host/D0902MALL005.IN.intranet"
*Mar 8 00:03:06.819: RADIUS: Service-Type [6] 6 Framed [2]
*Mar 8 00:03:06.819: RADIUS: Framed-MTU [12] 6 1500
*Mar 8 00:03:06.819: RADIUS: Called-Station-Id [30] 19 "D4-A0-2A-EE-14-81"
*Mar 8 00:03:06.819: RADIUS: Calling-Station-Id [31] 19 "D4-3D-7E-65-4F-C1"
*Mar 8 00:03:06.819: RADIUS: EAP-Message [79] 36
*Mar 8 00:03:06.819: RADIUS: 02 01 00 22 01 68 6F 73 74 2F 44 30 39 30 32 4D 41 4C 4C 30 ["host/D0902MALL0]
*Mar 8 00:03:06.819: RADIUS: 30 35 2E 49 4E 2E 69 6E 74 72 61 6E 65 74 [ 05.IN.intranet]
*Mar 8 00:03:06.819: RADIUS: Message-Authenticato[80] 18
*Mar 8 00:03:06.819: RADIUS: D6 6F 7B CD 36 46 5E F6 90 6F 85 A8 BD BD AE D8 [ o{6F^o]
*Mar 8 00:03:06.819: RADIUS: EAP-Key-Name [102] 2 *
*Mar 8 00:03:06.819: RADIUS: Vendor, Cisco [26] 49
*Mar 8 00:03:06.819: RADIUS: Cisco AVpair [1] 43 "audit-session-id=0A1AED0B000000EE240F5BAB"
*Mar 8 00:03:06.819: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
*Mar 8 00:03:06.819: RADIUS: NAS-Port [5] 6 50001
*Mar 8 00:03:06.819: RADIUS: NAS-Port-Id [87] 17 "FastEthernet0/1"
*Mar 8 00:03:06.819: RADIUS: NAS-IP-Address [4] 6 10.26.237.11
*Mar 8 00:03:06.819: RADIUS: Acct-Session-Id [44] 10 "000002D4"
*Mar 8 00:03:06.819: RADIUS(000001C7): Started 3 sec timeout
*Mar 8 00:03:06.861: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
*Mar 8 00:03:06.903: RADIUS: Received from id 1645/83 10.26.13.59:1812, Access-Challenge, len 76
*Mar 8 00:03:06.903: RADIUS: authenticator 7B 1C DC CA A8 92 E9 34 - 17 86 25 2F 9D 7E 63 96
*Mar 8 00:03:06.903: RADIUS: EAP-Message [79] 8
*Mar 8 00:03:06.903: RADIUS: 01 02 00 06 0D 20 [ ]
*Mar 8 00:03:06.903: RADIUS: Message-Authenticato[80] 18
*Mar 8 00:03:06.903: RADIUS: DD F3 7B 33 37 6D 40 BD F3 D2 78 DF F1 14 4D E4 [ {37m@xM]
*Mar 8 00:03:06.903: RADIUS: State [24] 30
*Mar 8 00:03:06.903: RADIUS: 00 7D 00 9B 00 C1 00 40 ED B8 45 00 FC DD 50 2E DC 0E E6 03 FC 7B AD 4C B7 E7 B1 70 [ }@EP.{Lp]
*Mar 8 00:03:06.911: RADIUS(000001C7): Received from id 1645/83
*Mar 8 00:03:06.911: RADIUS/DECODE: EAP-Message fragments, 6, total 6 bytes
*Mar 8 00:03:06.911: dot1x-sm(Fa0/1): Posting EAP_REQ for 0xB0000DBA
*Mar 8 00:03:06.911: dot1x_auth_bend Fa0/1: during state auth_bend_response, got event 7(eapReq)
*Mar 8 00:03:06.911: @@@ dot1x_auth_bend Fa0/1: auth_bend_response -> auth_bend_request
*Mar 8 00:03:06.911: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_response_exit called
*Mar 8 00:03:06.911: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_request_enter called
*Mar 8 00:03:06.911: dot1x-ev(Fa0/1): Sending EAPOL packet to group PAE address
*Mar 8 00:03:06.911: dot1x-ev(Fa0/1): Role determination not required
*Mar 8 00:03:06.911: dot1x-registry:registry:dot1x_ether_macaddr called
*Mar 8 00:03:06.911: dot1x-ev(Fa0/1): Sending out EAPOL packet
*Mar 8 00:03:06.911: EAPOL pak dump Tx
*Mar 8 00:03:06.911: EAPOL Version: 0x3 type: 0x0 length: 0x0006
*Mar 8 00:03:06.911: EAP code: 0x1 id: 0x2 length: 0x0006 type: 0xD
*Mar 8 00:03:06.911: dot1x-packet(Fa0/1): EAPOL packet sent to client 0xB0000DBA (d43d.7e65.4fc1)
*Mar 8 00:03:06.911: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_response_request_action called
*Mar 8 00:03:06.920: dot1x-ev(Fa0/1): Role determination not required
*Mar 8 00:03:06.920: dot1x-packet(Fa0/1): Queuing an EAPOL pkt on Authenticator Q
*Mar 8 00:03:06.920: dot1x-ev:Enqueued the eapol packet to the global authenticator queue
*Mar 8 00:03:06.920: EAPOL pak dump rx
*Mar 8 00:03:06.920: EAPOL Version: 0x1 type: 0x0 length: 0x0069
*Mar 8 00:03:06.920: dot1x-ev:
dot1x_auth_queue_event: Int Fa0/1 CODE= 2,TYPE= 13,LEN= 105
*Mar 8 00:03:06.920: dot1x-packet(Fa0/1): Received an EAPOL frame
*Mar 8 00:03:06.920: dot1x-ev(Fa0/1): Received pkt saddr =d43d.7e65.4fc1 , daddr = 0180.c200.0003,
pae-ether-type = 888e.0100.0069
*Mar 8 00:03:06.920: dot1x-packet(Fa0/1): Received an EAP packet
*Mar 8 00:03:06.920: EAPOL pak dump rx
*Mar 8 00:03:06.920: EAPOL Version: 0x1 type: 0x0 length: 0x0069
*Mar 8 00:03:06.920: dot1x-packet(Fa0/1): Received an EAP packet from d43d.7e65.4fc1
*Mar 8 00:03:06.920: dot1x-sm(Fa0/1): Posting EAPOL_EAP for 0xB0000DBA
*Mar 8 00:03:06.920: dot1x_auth_bend Fa0/1: during state auth_bend_request, got event 6(eapolEap)
*Mar 8 00:03:06.920: @@@ dot1x_auth_bend Fa0/1: auth_bend_request -> auth_bend_response
*Mar 8 00:03:06.920: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_response_enter called
*Mar 8 00:03:06.920: dot1x-ev(Fa0/1): dot1x_sendRespToServer: Response sent to the server from 0xB0000DBA (d43d.7e65.4fc1)
*Mar 8 00:03:06.920: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_request_response_action called
*Mar 8 00:03:06.920: AAA/AUTHEN/8021X (000001C7): Pick method list 'default'
*Mar 8 00:03:06.920: RADIUS/ENCODE(000001C7):Orig. component type = DOT1X
*Mar 8 00:03:06.920: RADIUS(000001C7): Config NAS IP: 0.0.0.0
*Mar 8 00:03:06.920: RADIUS/ENCODE(000001C7): acct_session_id: 724
*Mar 8 00:03:06.920: RADIUS(000001C7): sending
*Mar 8 00:03:06.920: RADIUS/ENCODE: Best Local IP-Address 10.26.237.11 for Radius-Server 10.26.13.59
*Mar 8 00:03:06.920: RADIUS(000001C7): Send Access-Request to 10.26.13.59:1812 id 1645/84, len 352
*Mar 8 00:03:06.920: RADIUS: authenticator 41 72 8D 6A B4 72 19 84 - 1B C8 33 F7 95 DD 07 BC
*Mar 8 00:03:06.928: RADIUS: User-Name [1] 31 "host/D0902MALL005.IN.intranet"
*Mar 8 00:03:06.928: RADIUS: Service-Type [6] 6 Framed [2]
*Mar 8 00:03:06.928: RADIUS: Framed-MTU [12] 6 1500
*Mar 8 00:03:06.928: RADIUS: Called-Station-Id [30] 19 "D4-A0-2A-EE-14-81"
*Mar 8 00:03:06.928: RADIUS: Calling-Station-Id [31] 19 "D4-3D-7E-65-4F-C1"
*Mar 8 00:03:06.928: RADIUS: EAP-Message [79] 107
*Mar 8 00:03:06.928: RADIUS: 02 02 00 69 0D 80 00 00 00 5F 16 03 01 00 5A 01 00 00 56 03 01 52 C5 45 4F 07 CA B3 29 50 A7 CE 40 76 B6 BD F0 50 D4 CE 9A 8A 02 C4 3D 40 35 B5 F0 E1 E2 75 [i_ZVREO)P@vP=@5u]
*Mar 8 00:03:06.928: RADIUS: 50 00 00 18 00 2F 00 35 00 05 00 0A C0 13 C0 14 C0 09 C0 0A 00 32 00 38 00 13 00 04 01 00 00 15 FF 01 00 01 00 00 0A 00 06 00 04 00 17 00 18 00 0B 00 02 01 00 [ P/528]
*Mar 8 00:03:06.928: RADIUS: Message-Authenticato[80] 18
*Mar 8 00:03:06.928: RADIUS: A3 28 CE 27 20 C0 D6 2C 11 01 D6 61 1F C3 6F 03 [ (' ,ao]
*Mar 8 00:03:06.928: RADIUS: EAP-Key-Name [102] 2 *
*Mar 8 00:03:06.928: RADIUS: Vendor, Cisco [26] 49
*Mar 8 00:03:06.928: RADIUS: Cisco AVpair [1] 43 "audit-session-id=0A1AED0B000000EE240F5BAB"
*Mar 8 00:03:06.928: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
*Mar 8 00:03:06.928: RADIUS: NAS-Port [5] 6 50001
*Mar 8 00:03:06.928: RADIUS: NAS-Port-Id [87] 17 "FastEthernet0/1"
*Mar 8 00:03:06.928: RADIUS: State [24] 30
*Mar 8 00:03:06.928: RADIUS: 00 7D 00 9B 00 C1 00 40 ED B8 45 00 FC DD 50 2E DC 0E E6 03 FC 7B AD 4C B7 E7 B1 70 [ }@EP.{Lp]
*Mar 8 00:03:06.928: RADIUS: NAS-IP-Address [4] 6 10.26.237.11
*Mar 8 00:03:06.928: RADIUS: Acct-Session-Id [44] 10 "000002D4"
*Mar 8 00:03:06.928: RADIUS(000001C7): Started 3 sec timeout
*Mar 8 00:03:07.004: RADIUS: Received from id 1645/84 10.26.13.59:1812, Access-Challenge, len 1188
*Mar 8 00:03:07.004: RADIUS: authenticator 7B 52 29 05 7E C3 EF 8E - 13 38 30 03 4B 65 64 0F
*Mar 8 00:03:07.004: RADIUS: EAP-Message [79] 255
*Mar 8 00:03:07.004: RADIUS: 01 03 04 56 0D C0 00 00 05 78 16 03 01 00 51 02 00 00 4D 03 01 52 C5 45 4F 0F 04 37 77 A0 C2 68 66 4E 45 92 AB 3D 7F 94 70 AF 36 [VxQMREO7whfNE=p6]
*Mar 8 00:03:07.004: RADIUS: 1D C5 17 23 5C F1 FA CA 60 B0 20 A5 48 16 D5 3F F9 B0 FF 38 1D D5 13 B3 88 13 06 EF DC 87 5C AE 17 E7 7E 80 84 21 58 64 F7 A6 36 00 35 00 00 05 FF 01 00 01 00 16 03 01 02 1C 0B 00 02 18 00 02 15 00 02 12 30 82 02 0E 30 [#\` H?8\~!Xd6500]
*Mar 8 00:03:07.004: RADIUS: 82 01 77 A0 03 02 01 02 02 09 00 88 7A CB 35 3F 1E 3E 62 30 0D 06 09 2A 86 48 86 F7 0D 01 01 05 05 00 30 2F 31 15 30 13 06 03 55 04 03 13 0C 53 50 [wz5?>b0*H0/10USP]
*Mar 8 00:03:07.004: RADIUS: 49 4E 41 56 44 30 30 30 30 34 31 16 30 14 06 03 55 04 0A 13 0D 50 6F 6C [INAVD0000410UPol]
*Mar 8 00:03:07.004: RADIUS: 69 63 79 4D 61 6E 61 67 65 72 30 1E 17 0D 31 33 30 38 32 [icyManager013082]
*Mar 8 00:03:07.004: RADIUS: 37 30 37 32 34 33 30 5A 17 0D 31 34 30 38 32 37 30 37 [7072430Z14082707]
*Mar 8 00:03:07.004: RADIUS: 32 34 33 30 5A 30 2F 31 15 30 13 06 03 55 04 03 13 0C 53 50 49 4E 41 56 [2430Z0/10USPINAV]
*Mar 8 00:03:07.004: RADIUS: 44 30 30 [ D00]
*Mar 8 00:03:07.004: RADIUS: EAP-Message [79] 255
*Mar 8 00:03:07.004: RADIUS: 30 30 34 31 16 30 14 06 03 55 04 0A 13 0D 50 6F 6C 69 63 79 4D 61 6E 61 [00410UPolicyMana]
*Mar 8 00:03:07.004: RADIUS: 67 65 72 30 81 9F 30 0D 06 09 2A 86 48 86 F7 0D 01 01 01 05 00 03 81 8D 00 30 81 89 02 81 81 00 C9 B9 03 65 83 EB 39 86 14 BC 95 7B DB 07 7E C5 8A D7 DA C7 8A CA 5A 88 6E 0B 93 06 35 57 [ger00*H0e9{~Zn5W]
*Mar 8 00:03:07.012: RADIUS: 6E DE 93 CD C9 FE 8E 9F E1 5F A9 04 5C BD A9 AD 5A 04 6E 35 47 76 A1 58 E5 C4 32 D7 49 9E 17 75 20 C6 6F 45 40 [n_\Zn5GvX2Iu oE@]
*Mar 8 00:03:07.012: RADIUS: AC EF 40 6D 15 38 F9 C2 28 7E C9 68 37 52 3B BF F4 C1 5E B8 BA 46 68 43 79 B1 65 66 [@m8(~h7R;^FhCyef]
*Mar 8 00:03:07.012: RADIUS: 9E 58 ED EC 8C 95 A2 D8 BF AA 77 AC 85 90 E3 AB C6 27 3A A2 22 AC 1C 48 B3 BF BE F7 85 CF 5C BB 2D 02 03 01 00 01 A3 32 30 30 30 0F 06 03 55 1D 11 04 08 30 06 87 04 0A 1A 0D 3B 30 [Xw':"H\-2000U0;0]
*Mar 8 00:03:07.012: RADIUS: 1D 06 03 55 1D 25 04 16 30 14 06 08 2B 06 01 05 05 07 03 01 06 08 2B 06 01 05 05 07 03 03 30 0D 06 09 2A 86 48 86 F7 0D 01 01 [ U?0++0*H]
*Mar 8 00:03:07.012: RADIUS: EAP-Message [79] 255
*Mar 8 00:03:07.012: RADIUS: 05 05 00 03 81 81 00 C4 46 3E 38 3D 53 0F 28 34 C1 A6 ED DC 70 76 9B 70 6B A8 95 7C 44 8E 7D 6E D6 8B 6D [F>8=S(4pvpk|D}nm]
*Mar 8 00:03:07.012: RADIUS: 90 49 83 06 E4 BF 68 2F 9D 77 78 A3 76 76 19 84 AD 26 3F F3 ED AA 88 52 35 0E 35 DD 00 E5 96 88 44 30 79 A0 71 [Ih/wxvv&?R55D0yq]
*Mar 8 00:03:07.012: RADIUS: 8D 25 3E 77 A0 E0 43 92 33 55 40 E1 C8 EE 88 11 25 E2 70 28 11 6C 5A 4E 3D F1 93 57 0A 6F [?>wC3U@?p(lZN=Wo]
*Mar 8 00:03:07.012: RADIUS: 36 51 72 04 08 C0 C0 DF F0 94 A9 F7 A1 05 C8 37 D6 F8 D4 9C 20 1A 7B CD 2C 17 83 7B 8E 20 F7 2D B6 16 03 01 02 FC 0D 00 02 F4 03 01 02 40 02 EE 00 63 30 61 31 0B 30 [6Qr7 {,{ -@c0a10]
*Mar 8 00:03:07.012: RADIUS: 09 06 03 55 04 06 13 02 55 53 31 15 30 13 06 03 55 04 0A 13 0C 44 69 67 69 43 65 72 74 20 49 [UUS10UDigiCert I]
*Mar 8 00:03:07.012: RADIUS: 6E 63 31 19 30 17 06 03 55 04 0B 13 10 77 77 77 2E 64 69 67 69 63 65 72 [nc10Uwww.digicer]
*Mar 8 00:03:07.012: RADIUS: 74 2E 63 6F 6D 31 20 30 1E 06 03 55 04 03 13 17 44 69 67 69 43 65 72 [t.com1 0UDigiCer]
*Mar 8 00:03:07.012: RADIUS: 74 20 47 6C 6F 62 61 6C 20 52 6F 6F 74 20 43 41 [t Global Root CA]
*Mar 8 00:03:07.012: RADIUS: 00 48 [ H]
*Mar 8 00:03:07.012: RADIUS: EAP-Message [79] 255
*Mar 8 00:03:07.012: RADIUS: 30 46 31 18 30 16 06 0A 09 92 26 89 93 F2 2C 64 01 19 16 08 69 6E 74 72 61 6E 65 74 31 [0F10&,dintranet1]
*Mar 8 00:03:07.020: RADIUS: 12 30 10 06 0A 09 92 26 89 93 F2 2C 64 01 19 16 02 49 4E 31 16 30 14 06 03 55 04 03 13 0D 49 6E 64 69 61 20 52 [0&,dIN10UIndia R]
*Mar 8 00:03:07.020: RADIUS: 6F 6F 74 20 43 41 00 4A 30 48 31 18 30 16 06 0A 09 92 26 89 93 F2 2C 64 01 19 16 08 69 6E [oot CAJ0H10&,din]
*Mar 8 00:03:07.020: RADIUS: 74 72 61 6E 65 74 31 12 30 10 06 0A 09 92 26 89 93 F2 2C 64 01 19 16 02 49 4E 31 18 30 16 06 03 55 [tranet10&,dIN10U]
*Mar 8 00:03:07.020: RADIUS: 04 03 13 0F 45 6E 74 65 72 70 72 69 73 65 20 43 41 2D 31 00 4D [Enterprise CA-1M]
*Mar 8 00:03:07.020: RADIUS: 30 4B 31 18 30 16 06 0A 09 92 26 89 93 F2 2C 64 01 19 16 08 69 6E 74 72 61 6E 65 74 31 [0K10&,dintranet1]
*Mar 8 00:03:07.020: RADIUS: 12 30 10 06 0A 09 92 26 89 93 F2 2C 64 01 19 16 02 49 4E 31 1B 30 19 06 03 55 04 03 13 12 49 4E 2D 53 50 49 4E [0&,dIN10UIN-SPIN]
*Mar 8 00:03:07.020: RADIUS: 43 52 54 30 30 30 30 33 2D 43 41 00 D5 30 81 D2 31 0B 30 09 06 03 55 04 06 13 02 55 [CRT00003-CA010UU]
*Mar 8 00:03:07.020: RADIUS: 53 31 13 30 11 06 03 55 04 [ S10U]
*Mar 8 00:03:07.020: RADIUS: EAP-Message [79] 100
*Mar 8 00:03:07.020: RADIUS: 08 0C 0A 43 61 6C 69 66 6F 72 6E 69 61 31 12 30 10 06 03 55 04 07 0C 09 53 75 6E [California10USun]
*Mar 8 00:03:07.020: RADIUS: 6E 79 76 61 6C 65 31 17 30 15 06 03 55 04 0A 0C 0E 41 72 75 62 61 20 4E [nyvale10UAruba N]
*Mar 8 00:03:07.020: RADIUS: 65 74 77 6F 72 6B 73 31 40 30 3E 06 03 55 04 03 0C 37 43 6C 65 [etworks1@0>U7Cle]
*Mar 8 00:03:07.020: RADIUS: 61 72 50 61 73 73 20 4F 6E 62 6F 61 72 64 20 4C [arPass Onboard L]
*Mar 8 00:03:07.020: RADIUS: 6F 63 61 6C 20 43 65 72 74 69 [ ocal Certi]
*Mar 8 00:03:07.020: RADIUS: Message-Authenticato[80] 18
*Mar 8 00:03:07.020: RADIUS: 12 75 40 41 6F 40 6B 6F A5 FE AB 85 F3 B3 CF A4 [ u@Ao@ko]
*Mar 8 00:03:07.020: RADIUS: State [24] 30
*Mar 8 00:03:07.020: RADIUS: 00 6F 00 51 00 4B 00 6E EE B8 45 00 4B AA 6B A9 B6 D6 C8 CC 48 1A 91 99 7F 77 D3 C1 [ oQKnEKkHw]
*Mar 8 00:03:07.029: RADIUS(000001C7): Received from id 1645/84
*Mar 8 00:03:07.029: RADIUS/DECODE: EAP-Message fragments, 253+253+253+253+98, total 1110 bytes
*Mar 8 00:03:07.037: dot1x-sm(Fa0/1): Posting EAP_REQ for 0xB0000DBA
*Mar 8 00:03:07.037: dot1x_auth_bend Fa0/1: during state auth_bend_response, got event 7(eapReq)
*Mar 8 00:03:07.037: @@@ dot1x_auth_bend Fa0/1: auth_bend_response -> auth_bend_request
*Mar 8 00:03:07.037: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_response_exit called
*Mar 8 00:03:07.037: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_request_enter called
*Mar 8 00:03:07.037: dot1x-ev(Fa0/1): Sending EAPOL packet to group PAE address
*Mar 8 00:03:07.037: dot1x-ev(Fa0/1): Role determination not required
*Mar 8 00:03:07.037: dot1x-registry:registry:dot1x_ether_macaddr called
*Mar 8 00:03:07.037: dot1x-ev(Fa0/1): Sending out EAPOL packet
*Mar 8 00:03:07.037: EAPOL pak dump Tx
*Mar 8 00:03:07.037: EAPOL Version: 0x3 type: 0x0 length: 0x0456
*Mar 8 00:03:07.037: EAP code: 0x1 id: 0x3 length: 0x0456 type: 0xD
*Mar 8 00:03:07.037: dot1x-packet(Fa0/1): EAPOL packet sent to client 0xB0000DBA (d43d.7e65.4fc1)
*Mar 8 00:03:07.037: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_response_request_action called
*Mar 8 00:03:07.037: dot1x-ev(Fa0/1): Role determination not required
*Mar 8 00:03:07.037: dot1x-packet(Fa0/1): Queuing an EAPOL pkt on Authenticator Q
*Mar 8 00:03:07.037: dot1x-ev:Enqueued the eapol packet to the global authenticator queue
*Mar 8 00:03:07.037: EAPOL pak dump rx
*Mar 8 00:03:07.037: EAPOL Version: 0x1 type: 0x0 length: 0x0006
*Mar 8 00:03:07.037: dot1x-ev:
dot1x_auth_queue_event: Int Fa0/1 CODE= 2,TYPE= 13,LEN= 6
*Mar 8 00:03:07.037: dot1x-packet(Fa0/1): Received an EAPOL frame
*Mar 8 00:03:07.037: dot1x-ev(Fa0/1): Received pkt saddr =d43d.7e65.4fc1 , daddr = 0180.c200.0003,
pae-ether-type = 888e.0100.0006
*Mar 8 00:03:07.037: dot1x-packet(Fa0/1): Received an EAP packet
*Mar 8 00:03:07.037: EAPOL pak dump rx
*Mar 8 00:03:07.037: EAPOL Version: 0x1 type: 0x0 length: 0x0006
*Mar 8 00:03:07.037: dot1x-packet(Fa0/1): Received an EAP packet from d43d.7e65.4fc1
*Mar 8 00:03:07.037: dot1x-sm(Fa0/1): Posting EAPOL_EAP for 0xB0000DBA
*Mar 8 00:03:07.037: dot1x_auth_bend Fa0/1: during state auth_bend_request, got event 6(eapolEap)
*Mar 8 00:03:07.037: @@@ dot1x_auth_bend Fa0/1: auth_bend_request -> auth_bend_response
*Mar 8 00:03:07.037: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_response_enter called
*Mar 8 00:03:07.037: dot1x-ev(Fa0/1): dot1x_sendRespToServer: Response sent to the server from 0xB0000DBA (d43d.7e65.4fc1)
*Mar 8 00:03:07.037: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_request_response_action called
*Mar 8 00:03:07.037: AAA/AUTHEN/8021X (000001C7): Pick method list 'default'
*Mar 8 00:03:07.046: RADIUS/ENCODE(000001C7):Orig. component type = DOT1X
*Mar 8 00:03:07.046: RADIUS(000001C7): Config NAS IP: 0.0.0.0
*Mar 8 00:03:07.046: RADIUS/ENCODE(000001C7): acct_session_id: 724
*Mar 8 00:03:07.046: RADIUS(000001C7): sending
*Mar 8 00:03:07.046: RADIUS/ENCODE: Best Local IP-Address 10.26.237.11 for Radius-Server 10.26.13.59
*Mar 8 00:03:07.046: RADIUS(000001C7): Send Access-Request to 10.26.13.59:1812 id 1645/85, len 253
*Mar 8 00:03:07.046: RADIUS: authenticator 1C D7 6D 40 A3 D6 BA B1 - A7 E6 70 DA 32 83 2E 19
*Mar 8 00:03:07.046: RADIUS: User-Name [1] 31 "host/D0902MALL005.IN.intranet"
*Mar 8 00:03:07.046: RADIUS: Service-Type [6] 6 Framed [2]
*Mar 8 00:03:07.046: RADIUS: Framed-MTU [12] 6 1500
*Mar 8 00:03:07.046: RADIUS: Called-Station-Id [30] 19 "D4-A0-2A-EE-14-81"
*Mar 8 00:03:07.046: RADIUS: Calling-Station-Id [31] 19 "D4-3D-7E-65-4F-C1"
*Mar 8 00:03:07.046: RADIUS: EAP-Message [79] 8
*Mar 8 00:03:07.046: RADIUS: 02 03 00 06 0D 00
*Mar 8 00:03:07.046: RADIUS: Message-Authenticato[80] 18
*Mar 8 00:03:07.046: RADIUS: 73 1D 89 5C 66 19 32 B6 63 C2 64 C1 04 42 A9 F9 [ s\f2cdB]
*Mar 8 00:03:07.046: RADIUS: EAP-Key-Name [102] 2 *
*Mar 8 00:03:07.046: RADIUS: Vendor, Cisco [26] 49
*Mar 8 00:03:07.046: RADIUS: Cisco AVpair [1] 43 "audit-session-id=0A1AED0B000000EE240F5BAB"
*Mar 8 00:03:07.046: RADIUS: NAS-Port-Type [61] 6 Ethernet [15]
*Mar 8 00:03:07.046: RADIUS: NAS-Port [5] 6 50001
*Mar 8 00:03:07.046: RADIUS: NAS-Port-Id [87] 17 "FastEthernet0/1"
*Mar 8 00:03:07.046: RADIUS: State [24] 30
*Mar 8 00:03:07.046: RADIUS: 00 6F 00 51 00 4B 00 6E EE B8 45 00 4B AA 6B A9 B6 D6 C8 CC 48 1A 91 99 7F 77 D3 C1 [ oQKnEKkHw]
*Mar 8 00:03:07.046: RADIUS: NAS-IP-Address [4] 6 10.26.237.11
*Mar 8 00:03:07.046: RADIUS: Acct-Session-Id [44] 10 "000002D4"
*Mar 8 00:03:07.046: RADIUS(000001C7): Started 3 sec timeout
*Mar 8 00:03:07.113: RADIUS: Received from id 1645/85 10.26.13.59:1812, Access-Challenge, len 378
*Mar 8 00:03:07.113: RADIUS: authenticator 1A 85 26 09 58 84 BC D4 - E0 A9 E3 C0 25 31 2D 31
*Mar 8 00:03:07.113: RADIUS: EAP-Message [79] 255
*Mar 8 00:03:07.121: RADIUS: 01 04 01 32 0D 00 66 69 63 61 74 65 20 41 75 74 68 6F 72 69 74 [2ficate Authorit]
*Mar 8 00:03:07.121: RADIUS: 79 20 28 53 69 67 6E 69 6E 67 29 31 3F 30 3D 06 09 2A [y (Signing)1?0=*]
*Mar 8 00:03:07.121: RADIUS: 86 48 86 F7 0D 01 09 01 16 30 64 36 62 62 34 66 37 30 2D 66 34 31 32 2D [H0d6bb4f70-f412-]
*Mar 8 00:03:07.121: RADIUS: 34 35 35 32 2D 61 65 65 32 2D 63 37 61 30 32 36 [4552-aee2-c7a026]
*Mar 8 00:03:07.121: RADIUS: 66 62 61 32 31 38 40 65 78 61 6D 70 6C 65 2E 63 [[email protected]]
*Mar 8 00:03:07.121: RADIUS: 6F 6D 00 CB 30 81 C8 31 0B 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 0C 0A 43 61 6C 69 66 [om010UUS10UCalif]
*Mar 8 00:03:07.121: RADIUS: 6F 72 6E 69 61 31 12 30 10 06 03 55 04 07 0C 09 53 75 6E 6E 79 76 61 6C [ornia10USunnyval]
*Mar 8 00:03:07.121: RADIUS: 65 31 17 30 15 06 03 55 04 0A 0C 0E 41 72 75 62 61 20 4E 65 74 77 6F 72 [e10UAruba Networ]
*Mar 8 00:03:07.121: RADIUS: 6B 73 31 36 30 34 06 03 55 04 03 0C 2D 43 6C 65 61 72 50 61 73 [ks1604U-ClearPas]
*Mar 8 00:03:07.121: RADIUS: 73 20 4F 6E 62 6F 61 72 64 20 4C 6F 63 61 6C 20 [s Onboard Local ]
*Mar 8 00:03:07.121: RADIUS: 43 65 72 74 69 66 69 63 61 74 65 20 41 75 74 68 [Certificate Auth]
*Mar 8 00:03:07.121: RADIUS: 6F 72 69 74 79 31 3F 30 3D 06 09 2A 86 48 86 F7 0D 01 09 01 16 [ ority1?0=*H]
*Mar 8 00:03:07.121: RADIUS: EAP-Message [79] 55
*Mar 8 00:03:07.121: RADIUS: 30 64 36 62 62 34 66 37 30 2D 66 34 31 32 2D 34 [0d6bb4f70-f412-4]
*Mar 8 00:03:07.121: RADIUS: 35 35 32 2D 61 65 65 32 2D 63 37 61 30 32 36 66 [552-aee2-c7a026f]
*Mar 8 00:03:07.121: RADIUS: 62 61 32 31 38 40 65 78 61 6D 70 6C 65 2E 63 6F [[email protected]]
*Mar 8 00:03:07.121: RADIUS: 6D 0E 00 00 00 [ m]
*Mar 8 00:03:07.121: RADIUS: Message-Authenticato[80] 18
*Mar 8 00:03:07.121: RADIUS: 4C 46 AA B9 A5 D5 DF EA DB E7 2B 7B 51 7E 58 3F [ LF+{Q~X?]
*Mar 8 00:03:07.121: RADIUS: State [24] 30
*Mar 8 00:03:07.121: RADIUS: 00 EF 00 B9 00 0A 00 00 EF B8 45 00 EF D2 C4 3C 81 6C 72 0E 23 FE 11 EA 12 17 50 A1 [ E
*Mar 8 00:03:07.121: RADIUS(000001C7): Received from id 1645/85
*Mar 8 00:03:07.121: RADIUS/DECODE: EAP-Message fragments, 253+53, total 306 bytes
*Mar 8 00:03:07.130: dot1x-sm(Fa0/1): Posting EAP_REQ for 0xB0000DBA
*Mar 8 00:03:07.130: dot1x_auth_bend Fa0/1: during state auth_bend_response, got event 7(eapReq)
*Mar 8 00:03:07.130: @@@ dot1x_auth_bend Fa0/1: auth_bend_response -> auth_bend_request
*Mar 8 00:03:07.130: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_response_exit called
*Mar 8 00:03:07.130: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_request_enter called
*Mar 8 00:03:07.130: dot1x-ev(Fa0/1): Sending EAPOL packet to group PAE address
*Mar 8 00:03:07.130: dot1x-ev(Fa0/1): Role determination not required
*Mar 8 00:03:07.130: dot1x-registry:registry:dot1x_ether_macaddr called
*Mar 8 00:03:07.130: dot1x-ev(Fa0/1): Sending out EAPOL packet
*Mar 8 00:03:07.130: EAPOL pak dump Tx
*Mar 8 00:03:07.130: EAPOL Version: 0x3 type: 0x0 length: 0x0132
*Mar 8 00:03:07.130: EAP code: 0x1 id: 0x4 length: 0x0132 type: 0xD
*Mar 8 00:03:07.130: dot1x-packet(Fa0/1): EAPOL packet sent to client 0xB0000DBA (d43d.7e65.4fc1)
*Mar 8 00:03:07.130: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_response_request_action called
*Mar 8 00:03:07.138: dot1x-ev(Fa0/1): Role determination not required
*Mar 8 00:03:07.138: dot1x-packet(Fa0/1): Queuing an EAPOL pkt on Authenticator Q
*Mar 8 00:03:07.138: dot1x-ev:Enqueued the eapol packet to the global authenticator queue
*Mar 8 00:03:07.138: EAPOL pak dump rx
*Mar 8 00:03:07.138: EAPOL Version: 0x1 type: 0x0 length: 0x05D4
*Mar 8 00:03:07.138: dot1x-ev:
dot1x_auth_queue_event: Int Fa0/1 CODE= 2,TYPE= 13,LEN= 1492
*Mar 8 00:03:07.138: dot1x-packet(Fa0/1): Received an EAPOL frame
*Mar 8 00:03:07.138: dot1x-ev(Fa0/1):
^Z
Malleswaram_2960#
*Mar 8 00:03:07.180: RADIUS: State [24] 30
*Mar 8 00:03:07.180: RADIUS: 00 EF 00 B9 00 0A 00 00 EF B8 45 00 EF D2 C4 3C 81 6C 72 0E 23 FE 11 EA 12 17 50 A1 [ E
*Mar 8 00:03:07.180: RADIUS: NAS-IP-Address [4] 6 10.26.237.11
*Mar 8 00:03:07.180: RADIUS: Acct-Session-Id [44] 10 "000002D4"
*Mar 8 00:03:07.180: RADIUS(000001C7): Started 3 sec timeout
Malleswaram_2960#
*Mar 8 00:03:07.893: %SYS-5-CONFIG_I: Configured from console by jameela on vty0 (10.26.20.5)
Malleswaram_2960#
*Mar 8 00:03:10.225: RADIUS(000001C7): Request timed out
*Mar 8 00:03:10.225: RADIUS: Retransmit to (10.26.13.59:1812,1813) for id 1645/86
*Mar 8 00:03:10.225: RADIUS(000001C7): Started 3 sec timeout
Malleswaram_2960#
*Mar 8 00:03:13.354: RADIUS(000001C7): Request timed out
*Mar 8 00:03:13.354: RADIUS: Retransmit to (10.26.13.59:1812,1813) for id 1645/86
*Mar 8 00:03:13.354: RADIUS(000001C7): Started 3 sec timeout
Malleswaram_2960#
*Mar 8 00:03:16.307: RADIUS(000001C7): Request timed out
*Mar 8 00:03:16.307: RADIUS: Retransmit to (10.26.13.59:1812,1813) for id 1645/86
*Mar 8 00:03:16.307: RADIUS(000001C7): Started 3 sec timeout
Malleswaram_2960#
*Mar 8 00:03:19.369: RADIUS(000001C7): Request timed out
*Mar 8 00:03:19.369: RADIUS: Retransmit to (10.26.13.59:1812,1813) for id 1645/86
*Mar 8 00:03:19.369: RADIUS(000001C7): Started 3 sec timeout
Malleswaram_2960#
*Mar 8 00:03:22.456: RADIUS(000001C7): Request timed out
*Mar 8 00:03:22.456: RADIUS: Fail-over denied to (10.26.13.59:1812,1813) for id 1645/86
*Mar 8 00:03:22.456: RADIUS: No response from (10.26.13.59:1812,1813) for id 1645/86
*Mar 8 00:03:22.456: RADIUS/DECODE: parse response no app start; FAIL
*Mar 8 00:03:22.456: RADIUS/DECODE: parse response; FAIL
*Mar 8 00:03:22.456: dot1x-ev(Fa0/1): Received an EAP Fail
*Mar 8 00:03:22.456: dot1x-sm(Fa0/1): Posting EAP_FAIL for 0xB0000DBA
*Mar 8 00:03:22.456: dot1x_auth_bend Fa0/1: during state auth_bend_response, got event 10(eapFail)
*Mar 8 00:03:22.456: @@@ dot1x_auth_bend Fa0/1: auth_bend_response -> auth_bend_fail
*Mar 8 00:03:22.456: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_response_exit called
*Mar 8 00:03:22.456: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_fail_enter called
*Mar 8 00:03:22.456: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_response_fail_action called
*Mar 8 00:03:22.456: dot1x_auth_bend Fa0/1: idle during state auth_bend_fail
*Mar 8 00:03:22.456: @@@ dot1x_auth_bend Fa0/1: auth_bend_fail -> auth_bend_idle
*Mar 8 00:03:22.456: dot1x-sm(Fa0/1): 0xB0000DBA:auth_bend_idle_enter called
*Mar 8 00:03:22.456: dot1x-sm(Fa0/1): Posting AUTH_FAIL on Client 0xB0000DBA
*Mar 8 00:03:22.456: dot1x_auth Fa0/1: during state auth_authenticating, got event 15(authFail)
*Mar 8 00:03:22.456: @@@ dot1x_auth Fa0/1: auth_authenticating -> auth_authc_result
*Mar 8 00:03:22.456: dot1x-sm(Fa0/1): 0xB0000DBA:auth_authenticating_exit called
*Mar 8 00:03:22.456: dot1x-sm(Fa0/1): 0xB0000DBA:auth_authc_result_enter called
*Mar 8 00:03:22.456: %DOT1X-5-FAIL: Authentication failed for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID
*Mar 8 00:03:22.456: dot1x-ev(Fa0/1): Sending event (2) to Auth Mgr for d43d.7e65.4fc1
*Mar 8 00:03:22.456: %AUTHMGR-7-RESULT: Authentication result 'fail' from 'dot1x' for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID 0A1AED0B000000EE240F5BAB
*Mar 8 00:03:22.456: %AUTHMGR-5-FAIL: Authorization failed for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID 0A1AED0B000000EE240F5BAB
*Mar 8 00:03:22.456: dot1x-redundancy: State for client d43d.7e65.4fc1 successfully retrieved
*Mar 8 00:03:22.456: dot1x-ev(Fa0/1): Received Authz fail for the client 0xB0000DBA (d43d.7e65.4fc1)
*Mar 8 00:03:22.456: dot1x-sm(Fa0/1): Posting_AUTHZ_FAIL on Client 0xB0000DBA
*Mar 8 00:03:22.456: dot1x_auth Fa0/1: during state auth_authc_result, got event 22(authzFail)
*Mar 8 00:03:22.456: @@@ dot1x_auth Fa0/1: auth_authc_result -> auth_held
*Mar 8 00:03:22.456: dot1x-sm(Fa0/1): 0xB0000DBA:auth_held_enter called
*Mar 8 00:03:22.464: dot1x-ev(Fa0/1): Sending EAPOL packet to group PAE address
*Mar 8 00:03:22.464: dot1x-ev(Fa0/1): Role determination not required
*Mar 8 00:03:22.464: dot1x-registry:registry:dot1x_ether_macaddr called
*Mar 8 00:03:22.464: dot1x-ev(Fa0/1): Sending out EAPOL packet
*Mar 8 00:03:22.464: EAPOL pak dump Tx
*Mar 8 00:03:22.464: EAPOL Version: 0x3 type: 0x0 length: 0x0004
*Mar 8 00:03:22.464: EAP code: 0x4 id: 0x4 length: 0x0004
*Mar 8 00:03:22.464: dot1x-packet(Fa0/1): EAPOL packet sent to client 0xB0000DBA (d43d.7e65.4fc1)
*Mar 8 00:03:22.464: dot1x-sm(Fa0/1): Posting FAILOVER_RETRY on Client 0xB0000DBA
*Mar 8 00:03:22.464: dot1x_auth Fa0/1: during state auth_held, got event 21(failover_retry)
*Mar 8 00:03:22.464: @@@ dot1x_auth Fa0/1: auth_held -> auth_restart
*Mar 8 00:03:22.464: dot1x-sm(Fa0/1): 0xB0000DBA:auth_held_exit called
*Mar 8 00:03:22.464: dot1x-sm(Fa0/1): 0xB0000DBA:auth_restart_enter called
*Mar 8 00:03:22.464: dot1x-ev(Fa0/1): Sending create new context event to EAP for 0xB0000DBA (d43d.7e65.4fc1)
*Mar 8 00:03:22.464: dot1x-sm(Fa0/1): 0xB0000DBA:auth_held_restart_action called
*Mar 8 00:03:22.464: dot1x-sm(Fa0/1): Posting !EAP_RESTART on Client 0xB0000DBA
*Mar 8 00:03:22.464: dot1x_auth Fa0/1: during state auth_restart, got event 6(no_eapRestart)
*Mar 8 00:03:22.464: @@@ dot1x_auth Fa0/1: auth_restart -> auth_connecting
*Mar 8 00:03:22.464: dot1x-sm(Fa0/1): 0xB0000DBA:auth_connecting_enter called
*Mar 8 00:03:22.464: dot1x-sm(Fa0/1): 0xB0000DBA:auth_restart_connecting_action called
*Mar 8 00:03:22.464: dot1x-sm(Fa0/1): Posting REAUTH_MAX on Client 0xB0000DBA
*Mar 8 00:03:22.464: dot1x_auth Fa0/1: during state auth_connecting, got event 11(reAuthMax)
*Mar 8 00:03:22.464: @@@ dot1x_auth Fa0/1: auth_connecting -> auth_disconnected
*Mar 8 00:03:22.464: dot1x-sm(Fa0/1): 0xB0000DBA:auth_disconnected_enter called
*Mar 8 00:03:22.464: dot1x-sm(Fa0/1): d43d.7e65.4fc1:auth_disconnected_enter sending canned failure to version 1 supplicant
*Mar 8 00:03:22.464: dot1x-ev(Fa0/1): Sending EAPOL packet to group PAE address
*Mar 8 00:03:22.464: dot1x-ev(Fa0/1): Role determination not required
*Mar 8 00:03:22.464: dot1x-registry:registry:dot1x_ether_macaddr called
*Mar 8 00:03:22.464: dot1x-ev(Fa0/1): Sending out EAPOL packet
*Mar 8 00:03:22.464: EAPOL pak dump Tx
*Mar 8 00:03:22.464: EAPOL Version: 0x3 type: 0x0 length: 0x0004
*Mar 8 00:03:22.464: EAP code: 0x4 id: 0x5 length: 0x0004
*Mar 8 00:03:22.464: dot1x-packet(Fa0/1): dot1x_auth_txCannedStatus: EAPOL packet sent to client 0xB0000DBA (d43d.7e65.4fc1)
*Mar 8 00:03:22.464: dot1x-sm(Fa0/1): 0xB0000DBA:auth_connecting_disconnected_reAuthMax_action called
*Mar 8 00:03:22.464: dot1x_auth Fa0/1: idle during state auth_disconnected
*Mar 8 00:03:22.464: @@@ dot1x_auth Fa0/1: auth_disconnected -> auth_restart
*Mar 8 00:03:22.464: dot1x-ev(Fa0/1): Sending event (1) to Auth Mgr for d43d.7e65.4fc1
*Mar 8 00:03:22.464: dot1x-ev:Delete auth client (0xB0000DBA) message
*Mar 8 00:03:22.464: dot1x-ev:Auth client ctx destroyed
*Mar 8 00:03:22.674: AAA/BIND(000001C8): Bind i/f
*Mar 8 00:03:22.674: dot1x_auth Fa0/1: initial state auth_initialize has enter
*Mar 8 00:03:22.674: dot1x-sm(Fa0/1): 0x4A000DBB:auth_initialize_enter called
*Mar 8 00:03:22.674: dot1x_auth Fa0/1: during state auth_initialize, got event 0(cfg_auto)
*Mar 8 00:03:22.674: @@@ dot1x_auth Fa0/1: auth_initialize -> auth_disconnected
*Mar 8 00:03:22.674: dot1x-sm(Fa0/1): 0x4A000DBB:auth_disconnected_enter called
*Mar 8 00:03:22.674: dot1x_auth Fa0/1: idle during state auth_disconnected
*Mar 8 00:03:22.674: @@@ dot1x_auth Fa0/1: auth_disconnected -> auth_restart
*Mar 8 00:03:22.674: dot1x-sm(Fa0/1): 0x4A000DBB:auth_restart_enter called
*Mar 8 00:03:22.674: dot1x-ev(Fa0/1): Sending create new context event to EAP for 0x4A000DBB (0000.0000.0000)
*Mar 8 00:03:22.674: dot1x_auth_bend Fa0/1: initial state auth_bend_initialize has enter
*Mar 8 00:03:22.674: dot1x-sm(Fa0/1): 0x4A000DBB:auth_bend_initialize_enter called
*Mar 8 00:03:22.674: dot1x_auth_bend Fa0/1: initial state auth_bend_initialize has idle
*Mar 8 00:03:22.674: dot1x_auth_bend Fa0/1: during state auth_bend_initialize, got event 16383(idle)
*Mar 8 00:03:22.674: @@@ dot1x_auth_bend Fa0/1: auth_bend_initialize -> auth_bend_idle
*Mar 8 00:03:22.674: dot1x-sm(Fa0/1): 0x4A000DBB:auth_bend_idle_enter called
*Mar 8 00:03:22.674: dot1x-ev(Fa0/1): Created a client entry (0x4A000DBB)
*Mar 8 00:03:22.674: dot1x-ev(Fa0/1): Dot1x authentication started for 0x4A000DBB (0000.0000.0000)
*Mar 8 00:03:22.674: dot1x-sm(Fa0/1): Posting !EAP_RESTART on Client 0x4A000DBB
*Mar 8 00:03:22.674: dot1x_auth Fa0/1: during state auth_restart, got event 6(no_eapRestart)
*Mar 8 00:03:22.674: @@@ dot1x_auth Fa0/1: auth_restart -> auth_connecting
*Mar 8 00:03:22.674: dot1x-sm(Fa0/1): 0x4A000DBB:auth_connecting_enter called
*Mar 8 00:03:22.674: dot1x-sm(Fa0/1): 0x4A000DBB:auth_restart_connecting_action called
*Mar 8 00:03:22.674: dot1x-sm(Fa0/1): Posting RX_REQ on Client 0x4A000DBB
*Mar 8 00:03:22.674: dot1x_auth Fa0/1: during state auth_connecting, got event 10(eapReq_no_reAuthMax)
*Mar 8 00:03:22.674: @@@ dot1x_auth Fa0/1: auth_connecting -> auth_authenticating
*Mar 8 00:03:22.674: dot1x-sm(Fa0/1): 0x4A000DBB:auth_authenticating_enter called
*Mar 8 00:03:22.674: dot1x-sm(Fa0/1): 0x4A000DBB:auth_connecting_authenticating_action called
*Mar 8 00:03:22.674: dot1x-sm(Fa0/1): Posting AUTH_START for 0x4A000DBB
*Mar 8 00:03:22.674: dot1x_auth_bend Fa0/1: during state auth_bend_idle, got event 4(eapReq_authStart)
*Mar 8 00:03:22.674: @@@ dot1x_auth_bend Fa0/1: auth_bend_idle -> auth_bend_request
*Mar 8 00:03:22.674: dot1x-sm(Fa0/1): 0x4A000DBB:auth_bend_request_enter called
*Mar 8 00:03:22.674: dot1x-ev(Fa0/1): Sending EAPOL packet to group PAE address
*Mar 8 00:03:22.674: dot1x-ev(Fa0/1): Role determination not required
Malleswaram_2960#
*Mar 8 00:03:22.674: dot1x-registry:registry:dot1x_ether_macaddr called
*Mar 8 00:03:22.674: dot1x-ev(Fa0/1): Sending out EAPOL packet
*Mar 8 00:03:22.674: EAPOL pak dump Tx
*Mar 8 00:03:22.674: EAPOL Version: 0x3 type: 0x0 length: 0x0005
*Mar 8 00:03:22.674: EAP code: 0x1 id: 0x1 length: 0x0005 type: 0x1
*Mar 8 00:03:22.674: dot1x-packet(Fa0/1): EAPOL packet sent to client 0x4A000DBB (0000.0000.0000)
*Mar 8 00:03:22.674: dot1x-sm(Fa0/1): 0x4A000DBB:auth_bend_idle_request_action called
*Mar 8 00:03:22.791: dot1x-ev(Fa0/1): New client notification from AuthMgr for 0x4A000DBB - d43d.7e65.4fc1
*Mar 8 00:03:22.791: %AUTHMGR-5-START: Starting 'dot1x' for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID 0A1AED0B000000EF240F9BC3
Malleswaram_2960#
*Mar 8 00:03:25.761: dot1x-sm(Fa0/1): Posting EAP_REQ for 0x4A000DBB
*Mar 8 00:03:25.761: dot1x_auth_bend Fa0/1: during state auth_bend_request, got event 7(eapReq)
*Mar 8 00:03:25.761: @@@ dot1x_auth_bend Fa0/1: auth_bend_request -> auth_bend_request
*Mar 8 00:03:25.761: dot1x-sm(Fa0/1): 0x4A000DBB:auth_bend_request_request_action called
*Mar 8 00:03:25.761: dot1x-sm(Fa0/1): 0x4A000DBB:auth_bend_request_enter called
*Mar 8 00:03:25.761: dot1x-ev(Fa0/1): Sending EAPOL packet to group PAE address
*Mar 8 00:03:25.761: dot1x-ev(Fa0/1): Role determination not required
*Mar 8 00:03:25.761: dot1x-registry:registry:dot1x_ether_macaddr called
Malleswaram_2960#n
*Mar 8 00:03:25.761: dot1x-ev(Fa0/1): Sending out EAPOL packet
*Mar 8 00:03:25.761: EAPOL pak dump Tx
*Mar 8 00:03:25.761: EAPOL Version: 0x3 type: 0x0 length: 0x0005
*Mar 8 00:03:25.761: EAP code: 0x1 id: 0x1 length: 0x0005 type: 0x1
*Mar 8 00:03:25.761: dot1x-packet(Fa0/1): EAPOL packet sent to client 0x4A000DBB (d43d.7e65.4fc1)
Malleswaram_2960#no debu
Malleswaram_2960#no debug
*Mar 8 00:03:28.848: dot1x-sm(Fa0/1): Posting EAP_REQ for 0x4A000DBB
*Mar 8 00:03:28.848: dot1x_auth_bend Fa0/1: during state auth_bend_request, got event 7(eapReq)
*Mar 8 00:03:28.848: @@@ dot1x_auth_bend Fa0/1: auth_bend_request -> auth_bend_request
*Mar 8 00:03:28.848: dot1x-sm(Fa0/1): 0x4A000DBB:auth_bend_request_request_action called
*Mar 8 00:03:28.848: dot1x-sm(Fa0/1): 0x4A000DBB:auth_bend_request_enter called
*Mar 8 00:03:28.848: dot1x-ev(Fa0/1): Sending EAPOL packet to group PAE address
*Mar 8 00:03:28.848: dot1x-ev(Fa0/1): Role determination not required
*Mar 8 00:03:28.848: dot1x-registry:registry:dot1x_ether_macaddr called
Malleswaram_2960#no debug all
*Mar 8 00:03:28.848: dot1x-ev(Fa0/1): Sending out EAPOL packet
*Mar 8 00:03:28.848: EAPOL pak dump Tx
*Mar 8 00:03:28.848: EAPOL Version: 0x3 type: 0x0 length: 0x0005
*Mar 8 00:03:28.848: EAP code: 0x1 id: 0x1 length: 0x0005 type: 0x1
*Mar 8 00:03:28.848: dot1x-packet(Fa0/1): EAPOL packet sent to client 0x4A000DBB (d43d.7e65.4fc1)
Malleswaram_2960#no debug all
All possible debugging has been turned off
Malleswaram_2960#
*Mar 8 00:03:31.180: AAA: parse name=tty1 idb type=-1 tty=-1
*Mar 8 00:03:31.180: AAA: name=tty1 flags=0x11 type=5 shelf=0 slot=0 adapter=0 port=1 channel=0
*Mar 8 00:03:31.180: AAA/MEMORY: create_user (0x21D1684) user='jameela' ruser='Malleswaram_2960' ds0=0 port='tty1' rem_addr='10.26.20.5' authen_type=ASCII service=NONE priv=15 initial_task_id='0', vrf= (id=0) key=C9A1F1D1
*Mar 8 00:03:31.389: TAC+: (-1901802859): received author response status = PASS_ADD
*Mar 8 00:03:31.389: AAA/MEMORY: free_user (0x21D1684) user='jameela' ruser='Malleswaram_2960' port='tty1' rem_addr='10.26.20.5' authen_type=ASCII service=NONE priv=15
*Mar 8 00:03:31.935: %DOT1X-5-FAIL: Authentication failed for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID
*Mar 8 00:03:31.935: %AUTHMGR-7-RESULT: Authentication result 'no-response' from 'dot1x' for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID 0A1AED0B000000EF240F9BC3
*Mar 8 00:03:31.935: %AUTHMGR-7-FAILOVER: Failing over from 'dot1x' for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID 0A1AED0B000000EF240F9BC3
*Mar 8 00:03:31.935: %AUTHMGR-7-NOMOREMETHODS: Exhausted all authentication methods for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID 0A1AED0B000000EF240F9BC3
Malleswaram_2960#
*Mar 8 00:03:31.935: %AUTHMGR-5-FAIL: Authorization failed for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID 0A1AED0B000000EF240F9BC3
Malleswaram_2960#no deb
Malleswaram_2960#no debug al
Malleswaram_2960#no debug all
All possible debugging has been turned off
Malleswaram_2960#
*Mar 8 00:04:32.677: %AUTHMGR-5-START: Starting 'dot1x' for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID 0A1AED0B000000EF240F9BC3
Malleswaram_2960#
*Mar 8 00:04:41.938: %DOT1X-5-FAIL: Authentication failed for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID
*Mar 8 00:04:41.938: %AUTHMGR-7-RESULT: Authentication result 'no-response' from 'dot1x' for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID 0A1AED0B000000EF240F9BC3
*Mar 8 00:04:41.938: %AUTHMGR-7-FAILOVER: Failing over from 'dot1x' for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID 0A1AED0B000000EF240F9BC3
*Mar 8 00:04:41.938: %AUTHMGR-7-NOMOREMETHODS: Exhausted all authentication methods for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID 0A1AED0B000000EF240F9BC3
Malleswaram_2960#
*Mar 8 00:04:41.938: %AUTHMGR-5-FAIL: Authorization failed for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID 0A1AED0B000000EF240F9BC3
Malleswaram_2960#
*Mar 8 00:05:42.654: %AUTHMGR-5-START: Starting 'dot1x' for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID 0A1AED0B000000EF240F9BC3
Malleswaram_2960#
*Mar 8 00:05:51.915: %DOT1X-5-FAIL: Authentication failed for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID
*Mar 8 00:05:51.915: %AUTHMGR-7-RESULT: Authentication result 'no-response' from 'dot1x' for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID 0A1AED0B000000EF240F9BC3
*Mar 8 00:05:51.915: %AUTHMGR-7-FAILOVER: Failing over from 'dot1x' for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID 0A1AED0B000000EF240F9BC3
*Mar 8 00:05:51.915: %AUTHMGR-7-NOMOREMETHODS: Exhausted all authentication methods for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID 0A1AED0B000000EF240F9BC3
Malleswaram_2960#
*Mar 8 00:05:51.915: %AUTHMGR-5-FAIL: Authorization failed for client (d43d.7e65.4fc1) on Interface Fa0/1 AuditSessionID 0A1AED0B000000EF240F9BC3
Pls dont worry about day and time. -
DHCP issues with Cisco WAP 321
I have 4 Cisco WAP 321's in my office connected to our Cisco 2911 ISR for DHCP, everything is fine on the office wifi on vlan 1 but vlan 3 with the guest wifi network it fails to obtain an IP address. I have tried under each of the WAPs to make sure it wasnt just the one nearest my desk. I was on the phone yesterday with Cisco about this and we turned on debugging and watched the DHCP requests and no requests even hit the ISR (only thing I have smartnet support on). I noticed our firmware was a few versions old so updated that this morning but still have the same issues so now I am turning to you all to help me figure this out.
Thanks
Jake
This topic first appeared in the Spiceworks CommunityI have 4 Cisco WAP 321's in my office connected to our Cisco 2911 ISR for DHCP, everything is fine on the office wifi on vlan 1 but vlan 3 with the guest wifi network it fails to obtain an IP address. I have tried under each of the WAPs to make sure it wasnt just the one nearest my desk. I was on the phone yesterday with Cisco about this and we turned on debugging and watched the DHCP requests and no requests even hit the ISR (only thing I have smartnet support on). I noticed our firmware was a few versions old so updated that this morning but still have the same issues so now I am turning to you all to help me figure this out.
Thanks
Jake
This topic first appeared in the Spiceworks Community -
Port Channel Issue on Cisco 2960s-24ts
Hi All
Last week at a customer site we installed a 2nd 2960s 24 port switch to form a stack using flexstack cables, and the switch stack is working as expected as I can see a master switch and 2nd switch as a member.
For redundancy / resilience we decided to use port 24 on each switch over copper for trunk uplinks to our core switch. The issue that we're having is I can't ping the switch management address. I can however see the address in the arp table and the edge switch is visible when I run show cdp nei. As a work around I've shutdown one of the ports to the downlink from core to edge in order to ping the management address of the switch which is in vlan 1. I'd like to get the port-channel working on both sides for resilience.
ANY HELP IS APPRECIATED...
Core switch is a WS-C3750G-24TS-1U running software version C3750 Boot Loader (C3750-HBOOT-M) Version 12.2(25r)SEE4, C3750 Software (C3750-IPBASE-M)
Edge switch is a WS-C2960S-24TS-L running software version C2960S Boot Loader (C2960S-HBOOT-M) Version 12.2(53r)SE,C2960S Software (C2960S-UNIVERSALK9-M)
The config on the edge switch which goes to the core is :
interface GigabitEthernet1/0/24
description *****
switchport mode trunk
channel-group 6 mode on
end
interface GigabitEthernet2/0/24
description *****
switchport mode trunk
channel-group 6 mode on
end
interface Port-channel6
description ******
switchport mode trunk
end
The config on the downlink ports from the core to the edge:
interface GigabitEthernet1/0/20
description Edge
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 20 mode on
end
interface GigabitEthernet2/0/20
description Edge
switchport trunk encapsulation dot1q
switchport mode trunk
shutdown
channel-group 20 mode on
end
interface Port-channel20
description Edge
switchport trunk encapsulation dot1q
switchport mode trunk
endwhen using channel-group # on mode you must make sure the ports are on same duplex and speed setting
what happens when you use active mode? -
DHCP issue on Cisco IOS router
Hi experts,
I recently got complaints that some clients can't get IP address through the DHCP server configured on a Cisco IOS router. I turned on debugging on DHCP events and packets and I see the following logs.
Mar 22 15:33:41: DHCPD: DHCPREQUEST received from client 0100.1b63.f246.8c.
Mar 22 15:33:41: DHCPD: Finding a relay for client 0100.1b63.f246.8c on interface FastEthernet1/0.10.
Mar 22 15:33:41: DHCPD: Seeing if there is an internally specified pool class:
Mar 22 15:33:41: DHCPD: htype 1 chaddr 001b.63f2.468c
Mar 22 15:33:41: DHCPD: remote id 020a0000cf6050011000000a
Mar 22 15:33:41: DHCPD: circuit id 00000000
Mar 22 15:34:02: DHCPD: DHCPREQUEST received from client 0100.1b63.f246.8c.
Mar 22 15:34:02: DHCPD: Finding a relay for client 0100.1b63.f246.8c on interface FastEthernet1/0.10.
Mar 22 15:34:02: DHCPD: Seeing if there is an internally specified pool class:
Mar 22 15:34:02: DHCPD: htype 1 chaddr 001b.63f2.468c
Mar 22 15:34:02: DHCPD: remote id 020a0000cf6050011000000a
Mar 22 15:34:02: DHCPD: circuit id 00000000
Then it will repeat and repeat for this MAC. Any reason why the router is not assigning an IP to it? It actually happens to some other MACs as well... They are from different vendors and located on different switches... I can't really find a pattern for this problem... The DHCP pool hasn't run out and it still has available IPs in it.
ThanksHi Alain, thanks for quick reply. The followings contain the output that you required. I hided the prefix of the IP with a.b.c. Thanks!
interface FastEthernet1/0.10
description : DHCP for EXHIBITION VLAN
encapsulation dot1Q 10
ip address a.b.c.1 255.255.255.128
no ip redirects
no ip unreachables
no ip proxy-arp
end
r#sh ip dhcp pool
Pool EXHIBIT :
Utilization mark (high/low) : 100 / 0
Subnet size (first/next) : 0 / 0
Total addresses : 126
Leased addresses : 47
Pending event : none
1 subnet is currently in the pool :
Current index IP address range Leased addresses
a.b.c.118 a.b.c.1 - a.b.c.126 47
#sh run | in/be dhcp
no ip dhcp use vrf connected
ip dhcp excluded-address a.b.c.1 a.b.c.11
ip dhcp excluded-address a.b.c.126
ip dhcp excluded-address a.b.c.100 a.b.c.101
ip dhcp excluded-address a.b.c.51
ip dhcp pool EXHIBIT
network a.b.c.0 255.255.255.128
default-router a.b.c.1
dns-server 207.172.3.8 207.172.3.9
domain-name xyz.com
#sh ip dhcp binding
Bindings from all pools not associated with VRF:
IP address Client-ID/ Lease expiration Type
Hardware address/
User name
a.b.c.19 0168.7f74.6260.9b Mar 23 2011 01:56 PM Automatic
a.b.c.52 0100.4854.897d.17 Mar 23 2011 12:53 PM Automatic
a.b.c.56 0100.4063.e7b5.b2 Mar 23 2011 03:33 PM Automatic
a.b.c.57 0100.1b63.f246.8c Mar 23 2011 03:34 PM Automatic
a.b.c.68 015c.5948.0b97.d6 Mar 22 2011 05:59 PM Automatic
a.b.c.69 0168.7f74.626d.67 Mar 23 2011 07:07 AM Automatic
a.b.c.70 0198.fc11.5027.1d Mar 22 2011 07:04 PM Automatic
a.b.c.71 01dc.2b61.04ba.af Mar 22 2011 10:26 PM Automatic
a.b.c.72 017c.c537.58e6.64 Mar 22 2011 08:37 PM Automatic
a.b.c.73 017c.6d62.3303.57 Mar 23 2011 03:54 AM Automatic
a.b.c.74 0124.ab81.cda4.68 Mar 23 2011 05:01 AM Automatic
a.b.c.75 0100.1e52.8f11.a5 Mar 23 2011 02:47 PM Automatic
a.b.c.76 0100.264a.5fc8.e3 Mar 23 2011 07:13 AM Automatic
a.b.c.77 017c.6d62.38cd.40 Mar 23 2011 02:06 PM Automatic
a.b.c.78 0100.1d4f.f647.79 Mar 23 2011 02:37 PM Automatic
a.b.c.79 0100.26b0.8637.3d Mar 23 2011 01:16 PM Automatic
a.b.c.81 0130.694b.e9de.82 Mar 23 2011 03:19 PM Automatic
a.b.c.82 0100.21e9.6864.80 Mar 23 2011 12:04 PM Automatic
a.b.c.83 0124.ab81.63e6.b5 Mar 23 2011 09:38 AM Automatic
a.b.c.84 0100.16b6.0455.c2 Mar 23 2011 09:42 AM Automatic
a.b.c.85 0100.1302.4c96.9e Mar 23 2011 09:49 AM Automatic
a.b.c.86 0140.a6d9.741c.e0 Mar 23 2011 12:12 PM Automatic
a.b.c.87 0100.264a.b8e9.50 Mar 23 2011 10:16 AM Automatic
a.b.c.88 0140.a6d9.4911.67 Mar 23 2011 03:19 PM Automatic
a.b.c.89 013c.7437.1e32.96 Mar 23 2011 10:27 AM Automatic
a.b.c.90 01d8.3062.689c.4b Mar 23 2011 11:55 AM Automatic
a.b.c.91 0158.946b.4df8.bc Mar 23 2011 10:49 AM Automatic
a.b.c.92 0100.2215.7368.26 Mar 23 2011 10:23 AM Automatic
a.b.c.93 0100.23df.76ea.90 Mar 23 2011 02:33 PM Automatic
a.b.c.94 0124.ab81.708d.83 Mar 23 2011 03:58 PM Automatic
a.b.c.95 0100.1cb3.163d.5a Mar 23 2011 03:13 PM Automatic
a.b.c.96 01cc.08e0.2aeb.96 Mar 23 2011 01:27 PM Automatic
a.b.c.97 0188.c663.d0d0.55 Mar 23 2011 01:57 PM Automatic
a.b.c.98 0100.1b77.08bb.89 Mar 23 2011 01:15 PM Automatic
a.b.c.99 0100.1ec2.47d7.19 Mar 23 2011 12:43 PM Automatic
a.b.c.102 0100.1310.8e74.78 Mar 23 2011 12:41 PM Automatic
a.b.c.103 0100.24d6.58b0.82 Mar 23 2011 01:44 PM Automatic
a.b.c.104 0100.2608.7df2.68 Mar 23 2011 03:23 PM Automatic
a.b.c.106 01c8.bcc8.1a86.41 Mar 23 2011 03:56 PM Automatic
a.b.c.107 01a4.6706.1e54.94 Mar 23 2011 04:08 PM Automatic
a.b.c.108 017c.c537.46ac.0e Mar 23 2011 02:41 PM Automatic
a.b.c.111 0100.037f.0ea2.19 Mar 23 2011 02:47 PM Automatic
a.b.c.112 01d8.3062.75c5.9c Mar 23 2011 03:33 PM Automatic
a.b.c.113 0021.9116.449e Mar 23 2011 03:36 PM Automatic
a.b.c.114 0100.1ff3.46d9.a9 Mar 23 2011 03:40 PM Automatic
a.b.c.116 0104.1e64.4a0d.a3 Mar 23 2011 04:21 PM Automatic
a.b.c.117 0190.27e4.4ae8.94 Mar 23 2011 04:24 PM Automatic
Thanks! -
Cisco 2960-X & ISE accounting- username Radius attribute missing
Hi,
I'm facing an issue with cisco 2960 switch radius accounting with Cisco ISE1.2.1 .here is my senario:
- Username (vendor1) is configured in ISE local database, under group (VENDOR)
- Authentication protocol : wired MAB
- Authentication method : webauth using guest portal , the user is a vendor , so no dot1x configured on his NIC .
the problem is that , the switch is not sending the username as a part of radius attribute , in the authentication log , the username shown as the MAC address of the user machine , therefor , I can not configure my authorization condition using internaluser:Name Equal vendor1
while if I configure the condition using the identity group condition IdentityGroup:Name Equal VENDOR , it works .
The same configuration is working on 3750 switch with no issue .
Here is my Switch config:
aaa authentication login default local
aaa authentication dot1x default group radius
aaa authorization network default group radius
aaa authorization auth-proxy default group radius
aaa accounting auth-proxy default start-stop group radius
aaa accounting dot1x default start-stop group radius
aaa accounting update periodic 5
username admin password
username radius-test password
aaa server radius dynamic-author
client 172.16.2.20 server-key 7 04490A0206345F450C00
client 172.16.2.21 server-key 7 03165A0F0F1A32474B10
radius server ISE-RADIUS-1
address ipv4 172.16.2.20 auth-port 1812 acct-port 1813
automate-tester username radius-test idle-time 15
key 7 111B18011E0718070133
radius server ISE-RADIUS-2
address ipv4 172.16.2.21 auth-port 1812 acct-port 1813
automate-tester username radius-test idle-time 15
key 7 0214055F02131C2A4957
radius-server attribute 6 on-for-login-auth
radius-server attribute 8 include-in-access-req
radius-server attribute 25 access-request include
radius-server attribute 31 mac format ietf upper-case
radius-server attribute 31 send nas-port-detail
radius-server dead-criteria time 5 tries 3
radius-server vsa send accounting
radius-server vsa send authentication
any help !!!Thanks for your reply , I know what's MAB , if you read my explanation again , i mentioned that the user is authenticated in the guest portal which mean that I have web authentication , and it is working fine .. The only issue is that I can not use the vendor1 username as part of authorization condition and this is because the switch is not sending the radius attribute type 1 to the ISE , thus , on the ise authentication log the MAC address of the client machine is shown as a username not the actual username ( vendor1)
as I mentioned also , I have exactly the same setup with ise 1.2 and 3750 switch and I do not have this issue .I experience this with 2960x only . -
Sfp issue to connect to cisco 2960
We bought two Cisco 2960-48TC-L, I have issue with gi0/1 and 0/2. the sfp won't stick into the port firmly, you have to press the it in order to get the light,try with second 2960, the same result, yet, tried some other 2960 we got few month ago, it works fine, by the way, these 2 cisco 2960 made in Oct,08, I suspect the gi0/1 and 0/2 is defective, anyone has any suggestion?
Once you insert the SFP's the switches should detect and can be seen from the sh int status command
If they are not detecting, then i would suggest you raise a case with cisco and get RMA
Narayan -
Cisco 2960-X / Singlewire / Atlas Multicast Issues
Atlas and Singlewire are blaming the 2960-X stating that it is blocking the multicast traffic and this is why the Atlas IPS-ZCM cannot register because the SLP packets are not reaching the Singlewire server.
Already worked with Cisco TAC and they state there are no issue on the 2960-X. But based on the wiresharks from both devices, I do see the SLP request leaving the Atlas device, but I never see it hit the Singlewire server. Both devices are physically on the same switch and on the same vlan.
I have enabled and disabled IP IGMP Snooping globally with no success.
Any suggestions on a fix would be appreciated.
Atlas devices is on port 1/0/43
Singlewire is a VM running on BE6K server on port 1/0/47
=====CONFIG-=====
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname 2960
boot-start-marker
boot-end-marker
aaa new-model
aaa session-id common
clock timezone PST -8 0
clock summer-time PST recurring
switch 1 provision ws-c2960x-48ts-l
switch 2 provision ws-c2960x-24ts-l
spanning-tree mode pvst
spanning-tree extend system-id
vlan internal allocation policy ascending
interface FastEthernet0
no ip address
no ip route-cache
interface GigabitEthernet1/0/1
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/2
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/3
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/4
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/5
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/6
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/7
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/8
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/9
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/10
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/11
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/12
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/13
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/14
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/15
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/16
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/17
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/18
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/19
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/20
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/21
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/22
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/23
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/24
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/25
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/26
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/27
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/28
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/29
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/30
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/31
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/32
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/33
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/34
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/35
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/36
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/37
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/38
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/39
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/40
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/41
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/42
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/43
description **Connects to Paging Equipment**
switchport access vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/44
description **Connects to Core Data Switch**
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/45
description **Connects to Fax Finder 440**
switchport access vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/46
description **Connects to Point to Point Between INC & Plant A**
switchport access vlan 100
interface GigabitEthernet1/0/47
description **Connects to BE6K Server Port 1**
switchport access vlan 100
spanning-tree portfast
interface GigabitEthernet1/0/48
description **Connects to INCVGW-2921 Port GE 0/0**
switchport trunk allowed vlan 1,100
switchport mode trunk
interface GigabitEthernet1/0/49
interface GigabitEthernet1/0/50
interface GigabitEthernet1/0/51
interface GigabitEthernet1/0/52
interface GigabitEthernet2/0/1
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/2
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/3
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/4
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/5
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/6
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/7
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/8
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/9
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/10
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/11
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/12
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/13
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/14
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/15
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/16
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/17
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/18
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/19
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/20
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/21
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/22
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/23
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/24
switchport voice vlan 100
spanning-tree portfast
interface GigabitEthernet2/0/25
interface GigabitEthernet2/0/26
interface GigabitEthernet2/0/27
interface GigabitEthernet2/0/28
interface Vlan1
description **DATA VLAN**
ip address 10.10.0.82 255.255.0.0
interface Vlan100
description **VOICE VLAN**
ip address 10.11.0.3 255.255.255.0
ip default-gateway 10.10.0.81
==========Hi Leo -
So after holding the mode button down I'm not getting the option to break the prompt.
Could this mean AAA is enabled? Switches are not stacked as I thought they might be.
CPU rev: B
Image passed digital signature verification
Board rev: 5
Testing DataBus...
Testing AddressBus...
Testing Memory from 0x00000000 to 0x1fffffff.../
Using driver version 3 for media type 1
Xmodem file system is available.
Base ethernet MAC Address: 2c:3e:cf:3f:ee:80
The password-recovery mechanism is enabled.
USB EHCI 1.00
USB EHCI 1.00
USB Console INIT
Initializing Flash...
mifs[5]: 10 files, 1 directories
mifs[5]: Total bytes : 1806336
mifs[5]: Bytes used : 690688
mifs[5]: Bytes available : 1115648
mifs[5]: mifs fsck took 1 seconds.
mifs[6]: 0 files, 1 directories
mifs[6]: Total bytes : 3870720
mifs[6]: Bytes used : 1024
mifs[6]: Bytes available : 3869696
mifs[6]: mifs fsck took 0 seconds.
mifs[7]: 5 files, 1 directories
mifs[7]: Total bytes : 258048
mifs[7]: Bytes used : 8192
mifs[7]: Bytes available : 249856
mifs[7]: mifs fsck took 0 seconds.
mifs[8]: 5 files, 1 directories
mifs[8]: Total bytes : 258048
mifs[8]: Bytes used : 8192
mifs[8]: Bytes available : 249856
mifs[8]: mifs fsck took 0 seconds.
mifs[9]: 626 files, 20 directories
mifs[9]: Total bytes : 122185728
mifs[9]: Bytes used : 23478272
mifs[9]: Bytes available : 98707456
mifs[9]: mifs fsck took 29 seconds.
...done Initializing Flash.
-B -
Nexus 2K to Cisco 2960 IOS Switch
Hi,
I am trying to connect Nexus 2K FEX to Cisco 2960 IOS Switch (Trunk config) and causing spanning tree loop having issues. I am aware that I should't be connecting non host port to 2K FEX but it's corner case. I have done similar setup with Access Port configuration and didn't faced any issues.
Nexus 5K config Config
interface Ethernet107/1/47
switchport mode trunk
switchport trunk allowed vlan 500-501
spanning-tree guard root
spanning-tree bpdufilter enable
interface Ethernet108/1/47
switchport mode trunk
switchport trunk allowed vlan 500-501
spanning-tree guard root
spanning-tree bpdufilter enable
2960-Config
interface GigabitEthernet1/0/47
switchport mode trunk
switchport trunk allowed vlan 500-501
spanning-tree bpdufilter enable
interface GigabitEthernet1/0/48
switchport mode trunk
switchport trunk allowed vlan 500-501
spanning-tree bpdufilter enable
Error Log
%FWM-2-STM_LOOP_DETECT: Loops detected in the network for mac 001b.1700.0130 among ports Eth107/1/47
Eth108/1/47 vlan 500 - Disabling dynamic learn notifications for 180 seconds
Should I configure port as "spanning-tree port type network" and create VPC and "storm-control broadcast level" to stop future occurrence? OR Do i have to configure anything else to prevent spanning-tree loops?
Thanks for your help
RiteshHi,
spanning-tree port type network is used for VPC peer-link. Try creating a new VPC and add ports 107/1/47 and 108/1/47 to it and a Portchannel on the 2960 and test.
HTH -
Power up cisco 2960 switch with 12V DC Power
hi all ,
I have some issue with supply power to cisco 2960-24TT-L switch. In my server farm rack is having DC current of -48V. But however cisco switch require 12V DC current.
Cisco Spec.
Cisco Catalyst 2960-24TT-L
12V at 5 A
5 A
How can I power on the switch using DC current ? Is there any power converter which I can purchase ? your responses are very much.
ThanksYou may also go here:
https://supportforums.cisco.com/community/netpro/small-business
The Search Function is your friend.... and Google too.
How to Secure your Network
How to Upgrade Routers Firmware
Setting-Up a Router with DSL Internet Service
Setting-Up a Router with Cable Internet Service
How to Hard Reset or 30/30/30 your Router -
Recovery missing or corrupted IOS of Cisco 2960 Catalyst Switch
Dear Team,
I have Cisco 2960 48P switch, It is keep getting restarted and config was erased.
when I tried to run the IOS from hypertrm in room mode, I am getting below error..
My doubt is, is there any issue with hardware & what is the cause of for below error
suggest me, is there any option to upgrade the IOS?
switch: flash_init
Initializing Flash...
flashfs[0]: 0 files, 1 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 32514048
flashfs[0]: Bytes used: 1024
flashfs[0]: Bytes available: 32513024
flashfs[0]: flashfs fsck took 9 seconds.
...done Initializing Flash.
switch: copy xmodem: flash:c2960-lanbasek9-mz.122-50.SE5.bin
Begin the Xmodem or Xmodem-1K transfer now...
CCCCBB0BB0................flashfs[0]: filesystem marked down. Use "fsck" to rec
over.
flash:c2960-lanbasek9-mz.122-50.SE5.bin: interrupted system call
switch:Error message means your BIN file is corrupt. You need to download again from the Cisco website.
-
I have load CISCO-ENVMON-MIB and initiate walk in it but unable to find OID of Cisco 2960 temperature monitor..
I have search over net and found .1.3.6.1.4.1.9.9.13.1.3.1.3.1 for temperature but this OID is not responding in this mib.
Regards,
Arshad AhmedHi,
What is the version of IOS you are using? What is your SNMP config?
Here is an example output:
snmpwalk -v2c -c public 10.12.12.12 .1.3.6.1.4.1.9.9.13
SNMPv2-SMI::enterprises.9.9.13.1.3.1.2.1 = STRING: "chassis"
SNMPv2-SMI::enterprises.9.9.13.1.3.1.6.1 = INTEGER: 5
SNMPv2-SMI::enterprises.9.9.13.1.4.1.2.1 = STRING: "chassis"
SNMPv2-SMI::enterprises.9.9.13.1.4.1.3.1 = INTEGER: 1
SNMPv2-SMI::enterprises.9.9.13.1.5.1.2.1 = STRING: "internal power supply"
SNMPv2-SMI::enterprises.9.9.13.1.5.1.3.1 = INTEGER: 1
SNMPv2-SMI::enterprises.9.9.13.1.5.1.4.1 = INTEGER: 0
SNMPv2-SMI::enterprises.9.9.13.1.6.0 = Hex-STRING: 00
SNMPv2-SMI::enterprises.9.9.13.2.1.0 = INTEGER: 2
SNMPv2-SMI::enterprises.9.9.13.2.3.0 = INTEGER: 2
SNMPv2-SMI::enterprises.9.9.13.2.4.0 = INTEGER: 2
SNMPv2-SMI::enterprises.9.9.13.2.5.0 = INTEGER: 2
SNMPv2-SMI::enterprises.9.9.13.2.6.0 = INTEGER: 2
To verify that the MIB exists in your image please navigate to:
http://tools.cisco.com/Support/SNMP/do/MIBSupport.do?local=en&step=3
Once there, issue a 'sh ver' on your device and copy and paste the entire name into the tool.
Thanks -
Alteon Switch to Cisco 2960 port aggrigating
LACP / 802.3ad is required to aggrigate a cisco to a non cisco switch, is there any issues connecting a Cisco 2960 to a Alteon Switch.
There should be none as long as alteon support LaCP, 2960 certainly do. for configuration guide info, have a look at the following:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2960/12225see/scg/swethchl.htm
Please rate all posts. -
Slow download performance with windows 7 on Cisco 2960S
has someone experience with the the windows 7 on Cisco 2960S.
One customer had the issue with very slow download rate ( 500kByte) with 100MB / full duplex and default tcp paramenter under win 7 with IOS 12.2.55SE1.
No error was seen.
The change of follwing in windows improve the performance a litte bit to 1-2 MByte.
no compression, no tcp windowing, no received side scaling, no windows side heuristic, no checksum offloading and a smaller MTU size than default.
After update the Switch to 12.2.55.SE2 the performance imporve to 4-12 MByte.
Has someone an idea about the chances in IOS 12.2.55SE2. I cant find anything in RN about this issue.
Best regards
SteffenI have the same issues in WS-C2960G-48TC-L . my downloads dropped in my lan from 2 mb/s to 100kb/s in all operating systems including linux workstations . my ios version is 12.2(44)SE5 in 2960 switches .
i have 2 x 4503-E L3 and 14 2960-48TC-L switches but i can not access the new ios versions to test if the issue is coming from ios version because of end of support .
can someone ensure that the new ios remove this issue ? -
Cisco 2960S SFF8472-5-THRESHOLD_VIOLATION
Hi All
I have a issue connecting my Cisco 3750X 12 port fibre switch to my Cisco 2960S 24Port switch using Multi Mode Fibre.
I have Mode condtioning cables connecting to the SFP (GLC-LH-SMD) on the 3750 via a fibre patch panel which bring me to the 2960s with its Mode conditioning cable and SFP (GLC-LH-SMD).
The fibre port on the Cisco 2960S was up for all of 10 mins and has gone out with the following error message.
%SFF8472-5-THRESHOLD_VIOLATION: Gi1/0/26: Rx power high warning; Operating value: -2.7 dBm, Threshold value: -3.0 dBm.
I did a show int transceiver command and got the following output.
DS-THN-SW3#show interfaces transceiver
If device is externally calibrated, only calibrated values are printed.
++ : high alarm, + : high warning, - : low warning, -- : low alarm.
NA or N/A: not applicable, Tx: transmit, Rx: receive.
mA: milliamperes, dBm: decibels (milliwatts).
Optical Optical
Temperature Voltage Tx Power Rx Power
Port (Celsius) (Volts) (dBm) (dBm)
Gi1/0/26 25.2 3.31 -5.1 -28.5
All SFP's are new as is the Multi Mode Fibre cable running from one building to another.Hi All,
One of member port of port channel was flapping and Here is the error message
Error log:
.Mar 17 08:27:37: %SFF8472-5-THRESHOLD_VIOLATION: Te6/1/1: Tx power low alarm; Operating value: -40.0 dBm, Threshold value: -11.3 dBm.
Cisco TAC analyse the issue under 629566213 but their initial advices was not much experience oriented.
Finally I have resolved the issue just by entering following command.
switch 6 frulink reload
Janaka Wellege Bsc.Eng
University of Peradeniya.
Maybe you are looking for
-
show the data shows whe i selet for sync (i have ticked sync only ticked icon) and selected two playlists - the data usage shows an extra 3.2 gb off my 32g ipad and the movies show up purple on the data usage bar, i press apply / sync it takes 20mins
-
Please I need to get my Tiger back to open my saved files. How do I uninstall the leopard.
-
I would like to develop a report package for Cisco Wireless device using the SNMP (MIB Objects) access. Can anyone suggest me what are all kind of report i can produce ..? Like, CPU Usage, Memory and Buffer Usage, Process utilization and Conne cted N
-
Putting Category Counts in a Tool Tip on a Line Chart -SQL Server 2008 R2
I have a line chart report that shows the total number of tickets processed each month. Within the same recordset is the data of who processed the ticket. So I want to add in the ToolTip on the Datapoints the number of tickets processed by each per
-
Print insert result to a printer in TSQL trigger after insert - Need help.
Hi, I am trying to print a record to a printer whenever a new record is inserted into a table called PrintTickets, using TSQL trigger for insert. Is it possible to print a new inserted record to a printer? Here is the trigger tsql statement: ALTER