Hi, MAB kicks in when a client does not do 802.1x. I use the same configuration and works well. A client that starts up can not do direct 802.1x so mab wil start first. In my situation mab kicks the client in an register vlan and after 802.1x login the client moves to his destination role/vlan.
[http://www.dezb.nl/content/dam/zeeland/zeeuwse/bestanden/logo-zb-email.jpg] M. Langendoen Networkadministrator mlangend...@dezb.nl<mailto:mlangend...@dezb.nl> +31(0)118654307 i...@dezb.nl<mailto:i...@dezb.nl> [http://www.dezb.nl/icoontjes-social-media/facebook.jpg]<https://www.facebook.com/dezbnl>[http://www.dezb.nl/icoontjes-social-media/twitter.jpg]<https://www.twitter.com/dezbnl>[cid:image003.jpg@01D7717A.792C63A0]<https://www.linkedin.com/company/dezbnl>[http://www.dezb.nl/icoontjes-social-media/instagram.jpg]<https://www.instagram.com/dezbnl> www.dezb.nl<http://www.dezb.nl/> Kousteensedijk 7 4331 JE Middelburg Postbus 8004 4330 EA Middelburg Ik werk op: ma,wo halve dag di,do,vr hele dag Van: Sonali Gulia via PacketFence-users <packetfence-users@lists.sourceforge.net> Verzonden: 03 July 2021 05:36 Aan: packetfence-users@lists.sourceforge.net CC: Sonali Gulia <sonaligul...@gmail.com> Onderwerp: [PacketFence-users] Fwd: endpoint remain unreg Hi I am using this port configuration mentioned below. I expected dot1x authentication not mab But what happend is when system on and user login with his credentials two request come to pf first one is mab then It gets registered and dot1x request come so now its gets reg again get vlan but at same time bcoz of mab request its gets unreg but unreg state shows only in node . No reauth promt come nothing it remain login If i comepletly remove mab configuration from port configuration single dot1x come it works fine but what I don’t understand is I mentioned using dot1x order first And one thing happend again is that if user shut his system a mab request again come from system side in logs I tried changing dot1x tx period to 3 to 60 but no result to delay fall back mechanism switchport mode access switchport voice vlan xxx ip flow monitor SMC-flow-monitor input ip device tracking maximum 10 authentication host-mode multi-auth authentication order dot1x mab authentication priority dot1x mab authentication port-control auto authentication periodic authentication timer reauthenticate server authentication timer restart 10800 authentication violation replace mab no snmp trap link-status dot1x pae authenticator dot1x timeout quiet-period 2 dot1x timeout tx-period 3 spanning-tree portfast edge spanning-tree bpduguard enable end
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
