Customer want configuration the AD authentication via Agile
controller, After user authenticate using AD users or local users, The user
have IP from the right vlan and have log on the agile that the user
authenticate successfully, but it take about two minutes then the Ethernet
adapter present that the authentication failed and after about three minutes
from that customer can’t reach anything in his network from that PC although
the PC still have the right IP from its vlan.
Agile controller version is V100R003C30SPC102
Topology as follow:
ONU is access device and the dot1x authentication point.
Step 1 Suggest customer configuration windows
DOT1X with follow production document
Step 2 Packets Capture in issue PC and
Analysis the packets we found:
After PC authentication success, ONU device
send the EAP-request packet every 15 second after 6 times PC didn’t feedback
the request packets then authentication fail.
configuration in ONU device about dot1x keepalive it cause the ONU send the
eap-request packets every 15 second.
Disable the dot1x keepalive in ONU device.