09-05-2007 04:43 AM - edited 03-10-2019 03:22 PM
I am wanting to configure a 3550 to send authentications to our ACS appliance. I have configured the AAA Client in ACS. On the switch I did:
aaa new-model
aaa authentication dot1x default group radius
radius-server host 10.98.8.31 auth-port 1812 acct-port 1813
int fa0/1
dot1x port-control auto
what else am I missing?
09-05-2007 04:48 AM
Do you see any hits on acs failed attempts ? If you are doing vlan assignment then you also need authorization for network
aaa authorization network default group radius if-authenticated
If still we have issue , get debug radius and debug dot1x all
Regards,
~JG
09-05-2007 04:55 AM
do I need to enable dot1x system-auth-control?
09-05-2007 05:05 AM
Make sure that shared secret key is correct. Please enter it again, do not copy paste.
Also check,
ACS--->Network configuration----> NDG (where you have this switch) ----> Edit Properties----> Remove key.
Keep in mind that NDG key overwrites aaa client key.
Regards,
~Jg
09-05-2007 05:20 AM
I think I got it. I am showing a passed authentication now. Thanks for the help.
as soon as I enabled dot1x system-auth-control it began passing the authentication. I had to have that command you sent me as well.
thanks again
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide