4 802.1x troubleshooting, Roubleshooting – PLANET WGSW-52040 User Manual

Switch(config)#radius-server authentication host 2004:1:2:3::3

Switch(config)#radius-server accounting host 2004:1:2:3::3

Switch(config)#radius-server key test

Switch(config)#aaa enable

Switch(config)#aaa-accounting enable

Switch(config)#dot1x enable

Switch(config)#interface ethernet 1/2

Switch(Config-If-Ethernet1/2)#dot1x enable

Switch(Config-If-Ethernet1/2)#dot1x port-control auto

Switch(Config-If-Ethernet1/2)#exit

42.4 802.1x Troubleshooting

It is possible that 802.1x be configured on ports and 802.1x authentication be set to auto, t

switch can’t be to authenticated state after the user runs 802.1x supplicant software. Here are

some possible causes and solutions:



If 802.1x cannot be enabled for a port, make sure the port is not executing MAC binding,

or configured as a port aggregation. To enable the 802.1x authentication, the above

functions must be disabled.



If the switch is configured properly but still cannot pass through authentication,

connectivity between the switch and RADIUS server, the switch and 802.1x client should

be verified, and the port and VLAN configuration for the switch should be checked, too.



Check the event log in the RADIUS server for possible causes. In the event log, not only

unsuccessful logins are recorded, but prompts for the causes of unsuccessful login. If the

event log indicates wrong authenticator password, radius-server key parameter shall be

modified; if the event log indicates no such authenticator, the authenticator needs to be

added to the RADIUS server; if the event log indicates no such login user, the user login

ID and password may be wrong and should be verified and input again.

42-157