Security e-Series
Showing results for 
Search instead for 
Do you mean 

setup of 802.1x issues

Highlighted
Occasional Contributor

setup of 802.1x issues

Hi,

 

I am looking at setting up 802.1x port authentication and having a couple of issues.

I am testing on just one port on a 5406 switch (K.15.12.0010)

 

so far I have;

 

aaa port-access authenticator F10

aaa authentication port-access eap-radius

radius-server host "IP address of local radius server"

aaa port-access authenticator active

 

There is a global certificate automatically installed on the PC's and matches that on the Radius server, but when I plug a PC into F10 the port is blocked by AAA

 

 

Port Access Authenticator Status

 

Port-access authenticator activated [No] : Yes  

Allow RADIUS-assigned dynamic (GVRP) VLANs [No] : No

 

Auths/  Unauth  Untagged Tagged           % In  RADIUS Cntrl   Port Guests  Clients VLAN     VLANs  Port COS  Limit ACL    Dir   ---- ------- ------- -------- ------ --------- ----- ------ -----  

F10  0/0     1       None     No     No        No    No     both

 

I 06/03/14 14:33:50 00435 ports: port F10 is Blocked by AAA

 

 

am I missing a peice of config or something very straight forward any help would be appreciated.

 

 

3 REPLIES
Occasional Contributor

Re: setup of 802.1x issues

just as a side note the Radius server is in VMware and is plugged into another switch, but I would of thought the Radius authentication would route to the correct switch
Occasional Visitor

Re: setup of 802.1x issues

Are you providing vlan information for switch port aswell or only enabling port for access only?

Would you post radius configuration also.

Honored Contributor

Re: setup of 802.1x issues

 

 

switch configuration

 

aaa authentication port-access eap-radius
aaa accounting network start-stop radius
radius-server host  (radius ip and radius key)
aaa port-access authenticator F10
aaa port-access authenticator active

 

 

cenk