Manualsbrain.com
  1. 매뉴얼
  2. 브랜드
  3. Cisco
  4. Cisco Identity Services Engine 1.3
  5. 전단

Cisco Cisco Identity Services Engine 1.3 전단

다운로드
페이지 25
  
 
 
 
 
 
© 2015 思科系统公司 
 16   
安全访问操作指南
 
May 28 07:11:59.823 UTC: %EPM-6-AAA: POLICY xACSACLx-IP-PERMIT_ALL_TRAFFIC-4fc368f7| EVENT 
DOWNLOAD-REQUEST 
May 28 07:11:59.840 UTC: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan2, changed state to 
up 
May 28 07:11:59.890 UTC: %EPM-6-AAA: POLICY xACSACLx-IP-PERMIT_ALL_TRAFFIC-4fc368f7| EVENT 
DOWNLOAD-FAIL 
May 28 07:11:59.890 UTC: %EPM-4-POLICY_APP_FAILURE: IP 0.0.0.0| MAC 0016.d42e.e8ba| AuditSessionID 
C0A8013C000006719D1BFAB1| AUTHTYPE DOT1X| POLICY_TYPE dACL| POLICY_NAME xACSACLx-IP-
PERMIT_ALL_TRAFFIC-4fc368f7| RESULT FAILURE| REASON AAA download failure 
May 28 07:11:59.890 UTC: %EPM-6-IPEVENT: IP 0.0.0.0| MAC 0016.d42e.e8ba| AuditSessionID 
C0A8013C000006719D1BFAB1| AUTHTYPE DOT1X| EVENT IP-WAIT 
May 28 07:11:59.890 UTC: %AUTHMGR-5-FAIL: Authorization failed for client (0016.d42e.e8ba) on 
Interface Fa0/1 AuditSessionID C0A8013C000006719D1BFAB1 
May 28 07:11:59.890 UTC: %DOT1X-5-RESULT_OVERRIDE: Authentication result overridden for client 
(0016.d42e.e8ba) on Interface Fa0/1 AuditSessionID C0A8013C000006719D1BFAB1 
May 28 07:11:59.890 UTC: %EPM-6-POLICY_REQ: IP 0.0.0.0| MAC 0016.d42e.e8ba| AuditSessionID 
C0A8013C000006719D1BFAB1| AUTHTYPE DOT1X| EVENT REMOVE 
May 28 07:11:59.899 UTC: %EPM-6-AUTH_ACL: POLICY Auth-Default-ACL| EVENT DETACH-SUCCESS 
May 28 07:11:59.899 UTC: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan2, changed state to 
down 
May 28 07:12:00.846 UTC: %AUTHMGR-5-SUCCESS: Authorization succeeded for client (0016.d42e.e8ba) 
on Interface Fa0/1 AuditSessionID C0A8013C000006719D1BFAB1 
Switch# 
Switch# 
由于交换机无法处理
 dACL,因此其会向终端发送 EAP 失败响应。要修复此问题,请在 ISE 上更正 dACL 中
的语法错误,如下所示:
 
Switch#
show authentication sessions interface FastEthernet 0/1 
            Interface:  FastEthernet0/1 
          MAC Address:  0016.d42e.e8ba 
           IP Address:  192.168.2.100 
            User-Name:  winxp.example.com 
               Status:  Authz Failed 
               Domain:  DATA 
      Security Policy:  Should Secure 
      Security Status:  Unsecure 
       Oper host mode:  multi-domain 
     Oper control dir:  both 
        Authorized By:  Authentication Server 
           Vlan Group:  N/A 
      Session timeout:  N/A 
         Idle timeout:  N/A 
    Common Session ID:  C0A8013C000006719D1BFAB1 
      Acct Session ID:  0x00000C5D 
               Handle:  0xB2000671 
 
Runnable methods list: 
       Method   State 
       dot1x    Authc Success 
       mab      Not run 
 
Switch#