PORT PROFILE NOT WORKING FOR ALL CONNECTED PORTS FOR SAME VLAN.

badal1
Conversationalist

PORT PROFILE NOT WORKING FOR ALL CONNECTED PORTS FOR SAME VLAN.

Hi, I have set an access port profile which works for most of the devices connected to the ports of Meraki( port is green and there is comms happening) switch on same VLAN but does not work for some devices(port is stuck on alerting mode). The port has a message " PORT NOT FORWARDING DUE TO ACCESS POLICY" It works though when the port profile is disable for that port and kept open(port is green and there is comms happening) and the VLAN info are registered manually. IS there a way to fix this issue?

Thanks.

 

5 Replies 5
Brash
Kind of a big deal
Kind of a big deal

Does that port profile have an access policy configured?

And if so, what is the configuration of that access policy?

 

badal1
Conversationalist

Hi Brash,

Yes it is set to Wired Authentication under Access type and RSTP enabled and STP guard disabled. This profile works for different types of devices throughout the switches but does not work for some devices.

BlakeRichardson
Kind of a big deal
Kind of a big deal

By wired authentication I am assuming you mean 802.1x. If so what type of device is plugged into it as it needs to be a device that supports 802.1x 

badal1
Conversationalist

yes , its 802.1x. I have devices like power distribution units and AMX connected to it. There are 3 different models of power distribution units connected to it. The profiling works for AMX and 1 model of power distribution unit but does not work for other two.

GreenMan
Meraki Employee
Meraki Employee

Basically those devices are failing the 802.1x authentication, so are effectively being disconnected, to keep your network secure.   Have you put some kind of provision/setup in your RADIUS server (and/or the device) for how those devices are to be authenticated?   You need something for any/every device type connected to a port with that profile.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels