Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Troubleshooting Central Web Authentication

 

This topic describes how you get detailed diagnostic information by enabling tracing of authentication operations on the EX Series switch.

Aruba ClearPass Policy Manager provides additional detailed diagnostic information. See your Aruba ClearPass documentation for more information.

Troubleshooting Using Trace Options

You can enable trace options for the 802.1X protocol. The following set of commands enable the writing of trace logs to a file named dot1x:

Use the show log CLI command to display the contents of the trace log file. For example:

You can also display the contents of the trace log file from the UNIX-level shell. For example:

Troubleshooting the JNPR_RSVD_FILTER_CWA Firewall Filter

The JNPR_RSVD_FILTER_CWA firewall filter is dynamically installed in the Packet Forwarding Engine (PFE). Because it is not configured through the Junos CLI, you cannot view the filter terms using the CLI.

You can use the Junos OS vty shell command to connect to the PFE to obtain more information about the JNPR_RSVD_FILTER_CWA filter. In the examples below, the vty command is used to see detailed information about the filter JNPR_RSVD_FILTER_CWA that is installed as part of the MAC RADIUS authentication process.

Note

The vty command is hidden command and is not supported by JTAC. Because vty commands are undocumented and their use can cause network disruption or operational issues, using vty is not generally recommended.

  1. Start vty.
  2. Use the show filter command to determine the index number of the filter on ge-0/0/22.
  3. Display the counters associated with the filter.
  4. Display the terms of the filter.