Hello Ivan. While negotiating, XP SP3 and switch shows this traffic:
[1 User-name ] [26] [host/pccen115.cosmart.bo] [32 NAS-Identifier ] [14] [001cc5363882] [5 NAS-Port ] [6 ] [268439553] [87 NAS_Port_Id ] [34] [unit=1;subslot=0;port=1;vlanid=1] [61 NAS-Port-Type ] [6 ] [15] [31 Caller-ID ] [16] [303030352D356437622D38643561] *0.40057968 5500G-EI RDS/8/DEBUG:- 1 - [40 Acct-Status-Type ] [6 ] [2] [45 Acct-Authentic ] [6 ] [1] [44 Acct-Session-Id ] [15] [110500011106f] [4 NAS-IP-Address ] [6 ] [192.168.100.245] [55 Event-Timestamp ] [6 ] [1104577657] [3com-26 Connect_ID ] [6 ] [35] *0.40057969 5500G-EI RDS/8/DEBUG:- 1 - [3com-29 Input_Peak_Rate ] [6 ] [0] [3com-2 Input_Average_Rate ] [6 ] [0] [3com-4 Output_Peak_Rate ] [6 ] [0] [3com-5 Output_Average_Rate ] [6 ] [0] [3com-22 Priority ] [6 ] [0] [3com-60 Ip-Host-Addr ] [27] [0.0.0.0 00:05:5d:7b:8d:5a] *0.40057969 5500G-EI RDS/8/DEBUG:- 1 - [46 Acct-Session-Time ] [6 ] [97] [41 Acct-Delay-Time ] [6 ] [0] [42 Acct-Input-Octets ] [6 ] [93000] [47 Acct-Input-Packets ] [6 ] [352] [43 Acct-Output-Octets ] [6 ] [126726] [48 Acct-Output-Packets ] [6 ] [698] *0.40057970 5500G-EI RDS/8/DEBUG:- 1 - [52 Acct_Input_Gigawords ] [6 ] [0] [53 Acct_Output_Gigawords ] [6 ] [0] [49 Terminate-Cause ] [6 ] [2] I let the client to stay on VLAN1, not moving to other vlan, the same behavior, the PC gets ACCESS-ACCEPT but then it tries again, until the exclamation icon appears, no ping to the client at all. What can it be ?, what i'm doing wrong ? is the problem XP SP3 ?, or is 3COM 5500G-EI ? Regards. Oxiel El Martes 08 Jul 2008, Ivan Kalik escribió: > >As you noted the client gets Access-Accept once, but then for some > >reason i don't know, it looses connection and never gets access to the > >network, on windows the network icon, shows trying to connect then > >later get the exclamation sign on the icon, first thought it was > >something with the vlan assignation, so removed it, and let it stay on > >vlan 1, but the same behavior . > > Certificates are fine, radius server is fine. Your NAS is dropping the > connection. Debug the NAS and see what is it complaining about. > > It's quite normal for Windows domain access to authenticate machine > first and user later, once machine is on the network. > > Ivan Kalik > Kalik Informatika ISP > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
