●"extended-authentication is in use." の解決を目指して
解決策:"dot1x port-control"を削除
「fastethernet 0/2-48 の dot1x port-control を削除」
(config)# interface range fastethernet 0/2-48「gigabitethernet 0/49 の dot1x port-control を削除」
(config-if-range)# no dot1x port-control
(config-if-range)# end
#
!is210-01(config)# interface gigabitethernet 0/49
!is210-01(config-if)# no dot1x port-control
!is210-01(config-if)# top
!is210-01(config)#
削除実行前
!is210-01(config)# show interface gigabitethernetdot1x port-control auto が存在する。(fastethernet 0/2-48 も同様)
interface gigabitethernet 0/49
media-type auto
switchport mode access
switchport access vlan 210
dot1x port-control auto
dot1x multiple-authentication
dot1x reauthentication
dot1x supplicant-detection disable
web-authentication port
authentication ip access-group "is-webauth"
authentication arp-relay
loop-detection send-inact-port
!
削除実行後
!is210-01(config)# show interface gigabitethernet
interface gigabitethernet 0/49
media-type auto
switchport mode access
switchport access vlan 210
dot1x multiple-authentication # dot1x port-control auto は無い
dot1x reauthentication
dot1x supplicant-detection disable
web-authentication port
authentication ip access-group "is-webauth"
authentication arp-relay
loop-detection send-inact-port
!
!is210-01(config)# show interface fastethernet
interface fastethernet 0/1
description "kyoutaku"
switchport mode access
switchport access vlan 210
loop-detection send-inact-port
!
interface fastethernet 0/2
no mdix auto
switchport mode access
switchport access vlan 210
dot1x multiple-authentication # dot1x port-control auto は無い
dot1x reauthentication
dot1x supplicant-detection disable
web-authentication port
authentication ip access-group "is-webauth"
authentication arp-relay
loop-detection send-inact-port
!
(以下 interface fastethernet 0/48 まで続く)
さぁて、実験進めるぞー!
!is210-01(config)# system function filterあるぇー?
extended-authentication is in use.
dot1x port-control 以外の設定も削除しなければならないのだろう、と推測。