Hi
Please advice, we have enabled dot1x on an N3 DFE-G-06.12.08.0003
The NIC keeps reseting as the pics below, any remedy to this as we has set
re-auth to be false yet this continues.
A minute later
Kind Regards
Pheko Mamabolo
Networks
Siemens Southern Africa
What are your nic settings for 802.1x?
From: Mamabolo, Pheko [mailto:pheko.mamab...@siemens.com]
Sent: Wednesday, November 09, 2011 2:54 AM
To: Enterasys Customer Mailing List
Subject: [enterasys] Help with dot1x reauthentication
Hi
Please advice, we have enabled dot1x on an N3
Pheko,
We dealt with this about a year ago, I was digging and trying to remember what
we did to fix it. First off, I would make sure the firmware is up-to-date. The
issue we had though was EAP packets hitting the ports on the switch and causing
any attached PC’s to re-authenticate. The timing
Me encuentro fuera de la ciudad, regresando el día 14 de noviembre del
presente, para cualquier asunto urgente favor de comunicarse con el Ing. David
Aguilar, al correo: dagui...@qtech.com.mx o al teléfono celular 0445552173678 u
oficina 559120.
Saludos y gracias.
---
To unsubscribe
Ant not just 802.1x auth, but make sure eapol is set to forced auth on the
uplink ports.
I believe that ended up being the solution to our problem.
Patrick Printz
Network Infrastructure
Quinsigamond Community College
670 West Boylston Street
Worcester, MA 01606-2092
w. 508-854-7517
c.
Anyone running Avaya 9600 series phones ever have an issue where the phones
talk to DHCP on the default VLAN, but when they switch to the voice VLAN, they
do not talk? I have been dealing with this for weeks, and the phones are not
talking on the voice VLAN like they should. I have done traces
Patrick,
I have heard from two different clients who deployed Avaya and had many issues
with the firmware on their phones. You might want to see if this is a known
issue with your Avaya rep and see about obtaining a firmware upgrade for the
phones. -Mike
From: Patrick Printz
You can use client class processing on the DHCP server to not offer any leases
to Avaya phones on the pools ( or vlans ) that are NOT meant for the phones.
For the pools (or vlans ) that ARE meant for the phones you can allow all
client classes.
The Avaya phones have a client class identifier
Patrick,
Can you provide the model of switch and config, sanitized if necessary?
The most likely cause is vlan egress, so I would start there.
I'm not familiar with the bootup sequence of Avaya phones, but usually the
phone would only switch to the correct voice vlan if its received the vlan
What's your DHCP setup? Do you have one DHCP server? If so, does it have an
interface in the Voice VLAN or are you using DHCP relay?
If you're using DHCP relay, then ensure your DHCP server port isn't
egressing the Voice VLAN or you'll run into this:
http://avayausers.com/showthread.php?t=3251
and if you put a workstation into the voice vlan, does that get an IP ok?
On Wed, Nov 9, 2011 at 6:03 PM, Nick Allen nick.al...@tbwa.com wrote:
What's your DHCP setup? Do you have one DHCP server? If so, does it have
an interface in the Voice VLAN or are you using DHCP relay?
If you're using
The phones work fine if I set the port vlan to the voice vlan. The issue
appears to be when the phone gets an IP from DHCP on the data vlan, is told to
jump to the voice vlan, and tries to pull a new IP. As I have exhaustively
looked at the vlan egress on the ports, I think this is a firmware
I had this same problem. The phone tries to get an IP address before
authenticating with 802.1x. This results in the phone getting an IP address on
the native, workstation VLAN. After the phone authenticates, the switch puts
the phone in the correct voice VLAN.
The phone now has a
Pheko,
On our edge network C-chassis’ we use:
#eapol
set dot1x enable
set dot1x auth-config reauthenabled true reauthperiod 7200 ge.1.1
set dot1x auth-config reauthperiod 14400 ge.1.21
where ge.1.1 is one of many edge ports and where ge.1.21 is an underlying
member of a LAG that goes to the
Hi Jolyon/Patrick,
I increased the times for the following attributes and set the uplink to
forced-auth.
set dot1x auth-config quietperiod from 3600 to 65535
set dot1x auth-config txperiod from 3600 to 65535
set dot1x auth-config reauthperiod from 3600 to 65535
set dot1x auth-config
15 matches
Mail list logo
