Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Dot1x / MAB Reauth behavior, unexpected reauth every 90 seconds

degwi
Comes here often
‎Mar 2 2023 1:28 AM
‎Mar 2 2023 1:28 AM

Dot1x / MAB Reauth behavior, unexpected reauth every 90 seconds

Hi all,

I’m new with Meraki switching but familiar with Cisco.
I have a MS120 for testing and I try to use NAC as I have on the Cisco devices.
Some of my endpoints will be authenticated by MAC, others by Certificate (dot1x).
After the endpoint is authenticated by dot1x, no other Auth-request are send to the RADIUS server.
But, is the endpoint authenticated by MAC, I see auth requests from the switch every 90 seconds.

How can I suppress the auth request if the endpoint is connected by MAB?

I do not see this behavior on my Cisco switches.

My Access Policies look like this:

degwi_0-1677749243731.png

Thank you
Willem

Labels:
0 Kudos
Subscribe
2 Replies 2
GreenMan
Meraki Employee
Meraki Employee
‎Mar 2 2023 2:05 AM
‎Mar 2 2023 2:05 AM

I'm interested to know what the detrimental effects are for this, if any?    Also - did you raise a Support case for this? - they would be able to advise if this is expected behaviour and possibly whether it can be altered in the back-end (it can't be done by the customer, I'm pretty sure).   Off the top of my head I would say doing this provides an ability to reflect any change in status of the MAC in the RADIUS database (i.e. if an admin removed it).   If you don't re-auth periodically a previously authenticated MAC cound stay connected indefinitely.

0 Kudos
Subscribe
degwi
Comes here often
‎Mar 2 2023 10:33 PM
‎Mar 2 2023 10:33 PM

Ok, I have to come back on this issue.
It seems to be a single device, printer that has this behaviour, all my other printers do not show the same.

The detrimental effect would have been flooding the RADIUS server with requests.

I Guess I have a printer hardware issue (or some wired settings). 

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.