Reset Search
 

 

Article

the output of show netloggin session is diplaying additional sessions

« Go Back

Information

 
Titlethe output of show netloggin session is diplaying additional sessions
Question
Why does the output of the output of the "show netloggin  session port " is displaying additional sessions the number of which sometimes exceeding the number of physical mac addresses behind port. For example the output below per port is displaying 4 session however there are only two mac addresses behind that port.

########################################################################################################
* Slot-1 12.192.44 # sh netlogin session port 1:2
Multiple authentication session entries
---------------------------------------

Port : 1:2 Station address : 00:80:9f:ec:45:6a
Auth status : success Last attempt : Fri May 12 14:06:03 2017
Agent type : dot1x Session applied : true
Server type : radius VLAN-Tunnel-Attr : None
Policy index : 0 Policy name : No Policy applied
Session timeout : 604800 Session duration : 0:32:30
Idle timeout : 300 Idle time : 0:00:00
Termination time: Not Terminated


Port : 1:2 Station address : 00:80:9f:ec:45:6a
Auth status : success Last attempt : Thu May 4 16:59:23 2017
Agent type : mac Session applied : false
Server type : radius VLAN-Tunnel-Attr : 4090 (active)
Policy index : 3 Policy name : Pre-Login (active)
Session timeout : 0 Session duration : 7 days, 21:39:10
Idle timeout : 300 Idle time : 0:00:00
Termination time: Not Terminated


Port : 1:2 Station address : e4:7f:b2:12:82:7b
Auth status : success Last attempt : Thu May 11 22:26:12 2017
Agent type : dot1x Session applied : true
Server type : radius VLAN-Tunnel-Attr : 321 (active)
Policy index : 1 Policy name : Clients (active)
Session timeout : 0 Session duration : 16:12:21
Idle timeout : 300 Idle time : 0:00:00
Termination time: Not Terminated


Port : 1:2 Station address : e4:7f:b2:12:82:7b
Auth status : success Last attempt : Thu May 11 09:06:04 2017
Agent type : mac Session applied : false
Server type : radius VLAN-Tunnel-Attr : 4090 (active)
Policy index : 3 Policy name : Pre-Login (active)
Session timeout : 0 Session duration : 1 day, 5:32:29
Idle timeout : 300 Idle time : 0:00:00
Termination time: Not Terminated
########################################################################################################
Environment
EXOS
Answer
In case multiple types of authentication is being used  for example 8021.x and mac then in the background the switch is originating separate radius access requires for each type of authentication. The local switch config however defines that one of those types is preferred in this example this was the "dot1x" authentication type, thus only those type of session are marked with "Session applied : true", other which are not preferred will be marked as "Session applied : false". If the end customer require to see only the session that are currently applied i.e. "Session applied : true" the the end customer should use the command: "show netloggin port".
 
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255