Symptoms
Following the upgrade to 13.2X51-D35, we are seeing the following warning message in the configuration of the switches that were upgraded. This indicates that one of the features associated with the NAC implementation is ignored since the EX-4200 is an unsupported platform for this feature: accounting-stop-on-access-deny.
Version 13.2x51
profile xx_radius {
authentication-order radius;
radius {
authentication-server [ x.x.x.x y.y.y.y ];
accounting-server [x.x.x.x y.y.y.y];
}
accounting {
order radius;
accounting-stop-on-failure;
accounting-stop-on-access-deny;
##
## Warning: statement ignored: unsupported platform (ex4200-48px)
##
immediate-update;
coa-immediate-update;
Diagnosis
Check the NAC configuration and tried resetting the switch virtual chassis to factory default and then configured each element one by one. Issue was still there.
Solution
As per update from JTAC Engineering team.
They confirmed this knob is not supported in 13.2x release.
The unsupported knob per the below output is only " immediate-update," other knobs should work, so please try without the knob " immediate-update" and confirm accounting works fine.
root@d21_28_ex4200_aru# show access profile test accounting {
order radius;
accounting-stop-on-failure;
accounting-stop-on-access-deny;
##
## Warning: statement ignored: unsupported platform (ex4200-48t)
##
immediate-update; >>>>>>>>>>>>>>>>>>>>> hidden knob(unsupported one)
}