radius communication

Unanswered Question
Jun 2nd, 2008

Hi all,

I have two 3750s, one is connected to the radius server (ACS), and the other is connected to clients. There's a trunk connection between the two switches.

By the way, radius works fine. However my problem is that the switch that is connected to clients must relay the 802.3 encapsulated EOPOL frames to the switch at the end of the trunk and that switch must forward those frames encapsulated in radius format.

When a client initiates authentication by sending EAPOL frames with multicast L2 address, the trunk does not appear to be forwarding the frames over the trunk link.

To summarize How am I supposed to implement wired 802.1x authentication with a radius server connected multiple switches away?

Thanks in advance.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
michael.leblanc Mon, 06/02/2008 - 07:41

If the switch to which the hosts are connected is configured as the AAA Client (Authenticator), this switch communicates with the RADIUS server via RADIUS packets, not EAPOL.

EAPOL is used between the host and the Authenticator.

Configure the switch that the hosts are connected to, as the AAA Client (Authenticator).


This Discussion