Security e-Series
1748185 Members
4303 Online
108759 Solutions
New Discussion

Re: setup of 802.1x issues

 
oetker1
Occasional Contributor

setup of 802.1x issues

Hi,

 

I am looking at setting up 802.1x port authentication and having a couple of issues.

I am testing on just one port on a 5406 switch (K.15.12.0010)

 

so far I have;

 

aaa port-access authenticator F10

aaa authentication port-access eap-radius

radius-server host "IP address of local radius server"

aaa port-access authenticator active

 

There is a global certificate automatically installed on the PC's and matches that on the Radius server, but when I plug a PC into F10 the port is blocked by AAA

 

 

Port Access Authenticator Status

 

Port-access authenticator activated [No] : Yes  

Allow RADIUS-assigned dynamic (GVRP) VLANs [No] : No

 

Auths/  Unauth  Untagged Tagged           % In  RADIUS Cntrl   Port Guests  Clients VLAN     VLANs  Port COS  Limit ACL    Dir   ---- ------- ------- -------- ------ --------- ----- ------ -----  

F10  0/0     1       None     No     No        No    No     both

 

I 06/03/14 14:33:50 00435 ports: port F10 is Blocked by AAA

 

 

am I missing a peice of config or something very straight forward any help would be appreciated.

 

 

3 REPLIES 3
oetker1
Occasional Contributor

Re: setup of 802.1x issues

just as a side note the Radius server is in VMware and is plugged into another switch, but I would of thought the Radius authentication would route to the correct switch
Mixu
New Member

Re: setup of 802.1x issues

Are you providing vlan information for switch port aswell or only enabling port for access only?

Would you post radius configuration also.

cenk sasmaztin
Honored Contributor

Re: setup of 802.1x issues

 

 

switch configuration

 

aaa authentication port-access eap-radius
aaa accounting network start-stop radius
radius-server host  (radius ip and radius key)
aaa port-access authenticator F10
aaa port-access authenticator active

 

 

cenk