4 802.1x troubleshooting, Roubleshooting – PLANET XGS3-24040 User Manual
Page 482
Chapter 47 802.1x Configuration
47-22
47.4 802.1x Troubleshooting
It is possible that 802.1x be configured on ports and 802.1x authentication be set to auto, t switch
can’t be to authenticated state after the user runs 802.1x supplicant software. Here are some
possible causes and solutions:
If 802.1x cannot be enabled for a port, make sure the port is not executing MAC binding, or
configured as a port aggregation. To enable the 802.1x authentication, the above functions must be
disabled.
If the switch is configured properly but still cannot pass through authentication, connectivity
between the switch and RADIUS server, the switch and 802.1x client should be verified, and the
port and VLAN configuration for the switch should be checked, too.
Check the event log in the RADIUS server for possible causes. In the event log, not only
unsuccessful logins are recorded, but prompts for the causes of unsuccessful login. If the event log
indicates wrong authenticator password, radius-server key parameter shall be modified; if the event
log indicates no such authenticator, the authenticator needs to be added to the RADIUS server; if
the event log indicates no such login user, the user login ID and password may be wrong and
should be verified and input again.
Web Authentication Proxy based on 802.1x is disabled by default. Open the debug dot1x switch to
check debugging information when the Web Authentication Proxy based on 802.1x is opened.
If the state display of the port is not disabled when use show dot1x, that means the Web
Authentication Proxy function based on 802.1x is not close it.
The switch of the Web Authentication Proxy based on 802.1x achieves less than 1024 users who
had authenticated simultaneity on line. If exceeds this limit will return hint information.
When the Web Authentication is failed should check whether the dot1x privateclient enable
command is enabled, if the command had been enabled, then the private authentication function
need close.