Reset Search
 

 

Article

In dot1x authentication EAP request packets are sent without tag even though port is added as tagged

« Go Back

Information

 
TitleIn dot1x authentication EAP request packets are sent without tag even though port is added as tagged
Symptoms
Dot1x Authentication fails where in if the authenticator is not the directly connected switch 

Client >>> Switch1 >>> Switch 2(Netlogin enabled) >>> Radius server

In the above setup EAPOL request reaches the switch2 from client but the EAP identity request from the switch 2 never reaches the client hence the authentication never gets completed.

This issue is applicable if the client VLAN is tagged in the interlink ports untagged VLAN works as expected. 
Environment
  • EXOS All
  • Summit and BlackDiamond series
  • Netlogin 
  • 802.1x 
  • EAP
  • EAPOL
Cause
The switch 2 send a untagged requested even though the port is tagged which makes the switch 1 to drop the frames. 
Resolution
Enhancements are expected to be done in the upcoming release of  22.4.1 and 16.2.4 and this is tracked in the CR xos0068982
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255