802.1x Certificate Renewal

Unanswered Question
Oct 20th, 2008
User Badges:


I have customer planning to deploy 802.1x in their wired network.

1. They are using certificate, username and password to authenticate.

2. Unauthorized user will be assigned to Guest Vlan with limited access to the network.

3. The problem is, when the certificate is expired, user wont be able to authenticate to the network.

4. How to allow user to renew the certificate when then dont have access to their network? Is there any work around?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
scadora Tue, 10/21/2008 - 09:51
User Badges:
  • Cisco Employee,

Users who fail 802.1X are not assigned to the Guest VLAN. They are denied access or, if the auth-fail VLAN is configured on the switch, they will go to the auth-fail VLAN. You can configure the auth-fail VLAN with enough access to get to the CA to renew the cert.



This Discussion