04-26-2007 02:25 AM - edited 02-21-2020 10:18 AM
Hi All,
I am trying to implement 802.1x security on the network. I am tesiting on a switch on one of the ports with the following config
conf t
aaa new-model
aaa authentication dot1x default group radius
radius-server host x.x.x.x auth-port 1612 key rad1234
int fa1/0/x
dot1x port-control auto
switch is added as client on DC with IAS installed. I have a remote access policy configured called DOT1X AUTHENTICATION. In active directory i have a global group called AUTH PC's.I have no certificate set up on server. My questions are as follows
1. What needs to be added to Active Directory group ? All domain pc's
2. On client LAN properties PEAP settings. Do I need certificate generated or can I just add dc to trusted servers. I am using MSCHAP V2 here.
Also if pc is on domain it will allow authentication. If not it will then prompt for username/password.
If I am missing anything please let me know of if config needs tuning
04-26-2007 06:42 AM
04-26-2007 06:57 AM
Looks good . Thanks
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: