Troubleshooting Authentication
This topic describes how you get detailed diagnostic information by enabling tracing of authentication operations on the EX Series switch and on the Windows 7 supplicant.
Aruba ClearPass Policy Manager provides additional detailed diagnostic information. See your Aruba ClearPass documentation for more information.
This topic covers:
Enabling 802.1X Trace Options on EX Series Switches
You can enable trace options for the 802.1X protocol. The following set of commands enable the writing of trace logs to a file named do1x-log:
user@Policy-EX4300-01# set protocols dot1x traceoptions file dot1x-log user@Policy-EX4300-01# set protocols dot1x traceoptions file size 5m user@Policy-EX4300-01# set protocols dot1x traceoptions flag all
Use the show log CLI command to display the contents
of the trace log file. For example:
user@Policy-EX4300-01> show log dot1x-log user@Policy-EX4300-01> show log dot1x-log | last 10 | refresh
Performing 802.1X Diagnostics on the Windows 7 Supplicant
To perform 802.1X authentication diagnostics on the Windows 7 supplicant:
Start authentication tracing with the
netshcommand.>netsh ras set tracing * enable
Attempt authentication with the switch.
Disable authentication tracing.
>netsh ras set tracing * disable
Review the detailed log files under the following directory: C:\windows\tracing.
Refer to the Windows 7 documentation for more detailed information about the diagnostic capabilities of the Windows 802.1X supplicant.