# diagnose switch 802-1x statusClient is successfully authenticated but Dynamic Authorized VLAN shows 0 although ClearPass radius server is sending the dynamic assigned VLAN in radius accept message.
port47: Mode: port-based (mac-by-pass disable)
Link: Link up
Port State: authorized: ( )
Dynamic Authorized Vlan : 0
EAP pass-through mode : Enable
Quarantine VLAN (4093) detection : Enable
Native Vlan : 1
Allowed Vlan list:
Untagged Vlan list: 4093
Guest VLAN :
Auth-Fail Vlan :
Sessions info:
c8:5b:76:ef:65:c7 Type=802.1x,TLS,state=AUTHENTICATED,etime=0,eap_cnt=9 params:reAuth=3600
=================================================================================================================3) Upload latest attributes file (RadiusDictionary.xml) on ClearPass and re-test the client.
<Attribute profile="in out" type="String" name="Tunnel-Private-Group-Id" id="81" extraData="has_tag"/>
<Attribute profile="in out" type="Unsigned32" name="Tunnel-Type" id="64" extraData="has_tag">
<Attribute profile="in out" type="Unsigned32" name="Tunnel-Medium-Type" id="65" extraData="has_tag">
At the end of the line replace extraData="has_tag" with extraData =" "
<Attribute profile="in out" type="String" name="Tunnel-Private-Group-Id" id="81" extraData=" "/>
<Attribute profile="in out" type="Unsigned32" name="Tunnel-Type" id="64" extraData=" ">
<Attribute profile="in out" type="Unsigned32" name="Tunnel-Medium-Type" id="65" extraData=" ">
=================================================================================================================
# diag switch 802-1x status
port47: Mode: port-based (mac-by-pass disable)
Link: Link up
Port State: authorized: ( )
Dynamic Authorized Vlan : 99
EAP pass-through mode : Enable
Quarantine VLAN (4093) detection : Enable
Native Vlan : 99
Allowed Vlan list:
Untagged Vlan list: 4093
Guest VLAN :
Auth-Fail Vlan :
Sessions info:
c8:5b:76:ef:65:c7 Type=802.1x,TLS,state=AUTHENTICATED,etime=4,eap_cnt=9 params:reAuth=3600
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.