Cisco Cisco UCS C22 M3 Rack Server 문제 해결 가이드
Contents
Introduction
Background
Problem
Solution
Introduction
This document describes specific scenario of implementing UCS C-series with MAB/802.1x
authentication on Cisco switches.
authentication on Cisco switches.
Background
One of the access control technique that Cisco provides is called MAC Authentication Bypass
(MAB). MAB uses the MAC address of a device to determine what kind of network access to
provide.
(MAB). MAB uses the MAC address of a device to determine what kind of network access to
provide.
In a network that includes both devices that support and devices that do not support IEEE 802.1X,
MAB can be deployed as a fallback, or complementary, mechanism to IEEE 802.1X. If the network
does not have any IEEE 802.1X-capable devices, MAB can be deployed as a standalone
authentication mechanism.
MAB can be deployed as a fallback, or complementary, mechanism to IEEE 802.1X. If the network
does not have any IEEE 802.1X-capable devices, MAB can be deployed as a standalone
authentication mechanism.
To learn more about solution-level uses cases, design, and a phased deployment methodology,
see
see
Problem
Topology:
This happens with different UCS and on different switches. The same is observed on 4500 switch.
UCS devices (UCS-C210-M2: problem observed) does not work when MAB with access-session
closed or no authentication open command.
closed or no authentication open command.
Working scenario:
UCS management interface is connected on switchport and this is the configuration (working):
Non-working scenario:
However, with access-session closed, you cannot ping it and cannot see access-session
information.
information.
May 11 16:33:14.311 JST: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/1, changed state to
down
May 11 16:33:15.312 JST: %LINEPROTO-5-UPDOWN: Line protocol on Interface
GigabitEthernet1/0/1, changed state to down
down
May 11 16:33:15.312 JST: %LINEPROTO-5-UPDOWN: Line protocol on Interface
GigabitEthernet1/0/1, changed state to down