
67
Enhancements
Release M.10.02 Enhancements
Causes of Client Deauthentication Immediately After Authenticating
■ ACE formatted incorrectly in the RADIUS server
• “from”, “any”, or “to” keyword missing
• An IP protocol number in the ACE exceeds 255.
• An optional UDP or TCP port number is invalid.
■ A RADIUS-Based ACL limit has been exceeded. (Refer to Table 5, “Limits Affecting RADIUS-Based ACL Applications” on page 57.)
• The allowed maximum of one RADIUS-assigned ACL has already been reached on the port through which the deauthenticated client is trying to access the network. (Each client requiring a RADIUS-assigned ACL is a separate instance, even if multiple clients are assigned the same ACL.)
• For a given port, the latest client authentication includes a RADIUS-Based ACL assignment exceeding the maximum number of ACEs allowed on the port (30).
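
The causes listed above can be checked before an ACL is stored on the RADIUS server. The following linter is an added example, not code from these release notes or from the switch vendor. It assumes each ACE has the layout `<permit|deny> in <protocol> from any to <destination> [ports] [cnt]` and that valid ports are 0-65535; the 80-character and 30-ACE limits are the ones stated on this page.

```python
MAX_ACE_LEN = 80        # characters per ACE string, from the message table
MAX_ACES_PER_PORT = 30  # ACEs allowed on a port, from the limits above

def check_ace(ace):
    """Return the problems found in one ACE string (empty list if none)."""
    problems = []
    if len(ace) > MAX_ACE_LEN:
        problems.append("entry exceeds 80 characters")
    tokens = ace.split()
    for keyword in ("from", "any", "to"):
        if keyword not in tokens:
            problems.append(f'"{keyword}" keyword missing')
    # Assumed layout: <permit|deny> in <protocol> from any to <dest> [ports] [cnt]
    if len(tokens) > 2 and tokens[2].isdigit() and int(tokens[2]) > 255:
        problems.append("IP protocol number exceeds 255")
    if "to" in tokens:
        # Everything after the destination, minus the optional cnt keyword,
        # is treated as the TCP/UDP port field (single, list or range).
        for field in tokens[tokens.index("to") + 2:]:
            if field == "cnt":
                continue
            for port in field.replace("-", ",").split(","):
                if not port.isdigit() or int(port) > 65535:
                    problems.append(f"invalid TCP/UDP port {port!r}")
    return problems

def check_acl(aces):
    """Check every ACE of one client's ACL; return {ace_number: problems}."""
    report = {n: p for n, ace in enumerate(aces, 1) if (p := check_ace(ace))}
    if len(aces) > MAX_ACES_PER_PORT:
        # Key 0 is used for the ACL-wide finding (hypothetical convention).
        report[0] = [f"{len(aces)} ACEs exceed the per-port limit of 30"]
    return report

# Constructed sample ACL, not taken from any real RADIUS server.
SAMPLE_ACL = [
    "permit in tcp from any to 10.10.10.101 80",
    "deny in 300 from any to any",
    "permit in udp any to 10.10.10.0/24 67-68",
    "deny in tcp from any to 10.10.10.5 70000 cnt",
]

if __name__ == "__main__":
    for number, problems in check_acl(SAMPLE_ACL).items():
        print(f"ACE {number}: {'; '.join(problems)}")
```
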

| Message | Meaning |
|---|---|
| ACE parsing error, destination IP, < ace-# > client < mac-address > port < port-# >. | Notifies of a problem with the destination IP field in the indicated ACE of the access list for the indicated client on the indicated switch port. |
| ACE parsing error, tcp/udp ports, < ace-# > client < mac-address > port < port-# >. | Notifies of a problem with the TCP/UDP port field in the indicated ACE of the access list for the indicated client on the indicated switch port. |
| Port < port-# >, No RADIUS ACLs applied on this port. | Appears in response to the CLI show access-list radius < port-# > command when there is not currently a RADIUS ACL assigned to the port. |
| Rule limit per ACL exceeded. < ace-# > client < mac-address > port < port-# >. | Notifies that an ACL has too many rules. A maximum of 30 (internal) ACEs are allowed per ACL. Refer to Table 5 on page 57. |
| Duplicate mac. An ACl exists for client. Deauthenticating second. client < mac-address > port < port-# >. | Notifies that an ACL for this MAC address on this port already exists. |
| Invalid Access-list entry length, client < mac-address > port < port-# >. | Notifies that the string configured for an ACE entry on the RADIUS server exceeds 80 characters. |
| Memory allocation failure for IDM ACL. | Notifies of a memory allocation failure for a RADIUS-based ACL. |
| ACE limit per port exceeded. client < mac-address > port < port-# >. | Notifies that the maximum number of ACEs (30) allowed on the port was exceeded. |
| Exceeded counter per port limit. client < mac-address > port < port-# >. | Notifies that the internal counter (cnt) limit of 32 per port was exceeded on port < port-# >. Refer to Table 5 on page 57. |