Reset Search
 

 

Article

Netlogin authentication fails after receiving radius accept message

« Go Back

Information

 
TitleNetlogin authentication fails after receiving radius accept message
Symptoms
A Netlogin switch receives a radius access accept message for the authenticating user, but the switch still fails the supplicant authentication.
Environment
  • EXOS All
  • Netlogin
  • Netlogin VLAN
  • RADIUS
  • Extreme Policy is not used in this situation as the Netlogin VLAN is not used when policy is enabled.

 
Cause
The authenticating supplicant is in the Netlogin VLAN, and is configured to stay in the netlogin VLAN after authentication is complete.  This is not a valid configuration as Netlogin is not allowed to let a supplicant be authenticated in the Netlogin VLAN.  This is why authentication fails.
Resolution
This problem can be resolved in one of these two ways.
  • Add the port to a different VLAN other than the netlogin VLAN.
  • Configure the Radius accept message to move the port to another VLAN after authentication.
Additional notes
If you enable Netlogin on a port that is not added to any VLAN already it will be added to the Netlogin VLAN by default.  This is how people run into this behaviour.

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255