Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

Wrong VLAN & ACL assignment in 802.1X environment with IDM

Jose Sanchez-Seco
Occasional Visitor

Wrong VLAN & ACL assignment in 802.1X environment with IDM

Hi,

We're having problems with 802.1X auth with our proCurve switches and IDM. IDM is running on a Win 2003 Std server integrated with Microsoft IAS.

Since yesterday, authenticated users get assigned wrong vlan and acl when connecting their PCs. Problem seems random: sometimes assignment is right.

We've rebooted servers and switches and problem persists. IDM database seems ok.

Switches are 5400 family with software version K.14.47. IDM is A.02.03.029.

What else can we do?

Thanks in advance.

3 REPLIES
Jens Egger
Occasional Advisor

Re: Wrong VLAN & ACL assignment in 802.1X environment with IDM

Jose,

did somebody change users in groups of the AD? Please deploy IDM config again to the agents. Check Windows Systemlog of Server where the agent runs for errors of IAS. You may also check content of agent XML-File of config which agent gets from IDM.

Cheers


Jens
Jose Sanchez-Seco
Occasional Visitor

Re: Wrong VLAN & ACL assignment in 802.1X environment with IDM

Thanks, Jens.

We've checked IAS & system logs and there is nothing abnormal.

XML files are consistent: they reflect all ACLs, users, groups and their relations.

Best regards,

Jose.
Jens Egger
Occasional Advisor

Re: Wrong VLAN & ACL assignment in 802.1X environment with IDM

Hmm,

very sad. One other idea is to check the logfile of the switches for any incident - when it happens. After that you may open a Call using ITRC "Support Case Manager" adding Log-File Directory of PCM as Zip and a "show tech all" of one affected switch from this time frame.

Cheers


Jens