Reset Search
 

 

Article

Policy Multi-Auth Limit is not working as expected in EXOS

« Go Back

Information

 
TitlePolicy Multi-Auth Limit is not working as expected in EXOS
Symptoms
  • Sessions continue to attempt to authenticate via Netlogin after reaching the port maximum number of allowed sessions within Policy
  • We should already know the end result is going to fail as Policy cannot add another session
03/24/2016 14:57:00.32 <Info:nl.ClientReset> The authentication state of Network Login user <MAC2> was cleared by policy, Mac <MAC2> port 5 VLAN(s) "" Protocol(s) "MAC"
03/24/2016 14:57:00.32 <Info:nl.ClientAuthenticated> Network Login MAC user <MAC2> logged in MAC <MAC2> port 5 VLAN(s) "<unknown>", authentication Radius
03/24/2016 14:56:57.22 <Info:nl.ClientAuthenticated> Network Login MAC user <MAC1> logged in MAC <MAC1> port 5 VLAN(s) "<unknown>", authentication Radius

 
Environment
  • Summit
  • X460-G2
  • X450-G2
  • X440-G2
  • X620
  • EXOS version 16.1.3
  • EXOS version 21.1.1
  • OnePolicy
Cause
This is an known software issue tracked by CR xos0060930
Resolution
Upgrade to an EXOS version containing the fix for CR xos0060930 (Fix targeted for EXOS 22.2 )
Additional notes
When a device authenticates on the network to NAC the location is logged for a new switch port. When it goes offline, it is logged as disconnected. With a maximum number of authentications configured on a port, unexpected devices will appear on the network momentarily, which may impact the licensing used for NAC.

If you have an access point connected with bridge at AP enabled, but only a single authentication session allowed on the port (for the AP) you will also see all devices connecting behind the AP briefly.
 

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255