Reset Search
 

 

Article

Devices in netlogin service unavailable vlan are blocked with every re-authentication

« Go Back

Information

 
TitleDevices in netlogin service unavailable vlan are blocked with every re-authentication
Symptoms
When netlogin service-unavailable is used together with dot1x, devices in the service unavailable vlan are unauthenticated (blocked) with every reauth attempt to the authentication service.
Environment
EXOS 
Netlogin dot1x
service unavailable vlan
 
Cause
This is caused by the reauthentication timer which tries to re-authenticate. It does this by unauthenticating the port/mac and try to authenticate again.
If the authentication servers are still not available during that the port or mac will be in unauthenticated state (blocked) until all authentication servers are tried (retry + timeouts).

This behavior is found wrong and is documented as bug xos0067106
Resolution
A workaround if to either set the reauth timer very high or disable reauth (0).

The CR will be fixed in the following EXOS versions.
16.2.3
21.1.3-patch(May)
22.3
 
Additional notes
xos0067106

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255