ACS and 3550

Unanswered Question
Sep 5th, 2007

I am wanting to configure a 3550 to send authentications to our ACS appliance. I have configured the AAA Client in ACS. On the switch I did:

aaa new-model

aaa authentication dot1x default group radius

radius-server host auth-port 1812 acct-port 1813

int fa0/1

dot1x port-control auto

what else am I missing?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jagdeep Gambhir Wed, 09/05/2007 - 04:48

Do you see any hits on acs failed attempts ? If you are doing vlan assignment then you also need authorization for network

aaa authorization network default group radius if-authenticated

If still we have issue , get debug radius and debug dot1x all



Jagdeep Gambhir Wed, 09/05/2007 - 05:05

Make sure that shared secret key is correct. Please enter it again, do not copy paste.

Also check,

ACS--->Network configuration----> NDG (where you have this switch) ----> Edit Properties----> Remove key.

Keep in mind that NDG key overwrites aaa client key.



kknuckles Wed, 09/05/2007 - 05:20

I think I got it. I am showing a passed authentication now. Thanks for the help.

as soon as I enabled dot1x system-auth-control it began passing the authentication. I had to have that command you sent me as well.

thanks again


This Discussion