802.1x port authentication

Unanswered Question
Mar 4th, 2009
User Badges:

Hello!


We have some problems with 802.1x port authentication after updating the Cisco IOS to 12.2(35)SE5.


First there was the IOS 12.2(25r)SEC on the cisco switch 3560 and the port authentication is working. I can see, that the Cisco sends "EAP Request Identity" Version 1 to the network device. After the network device has answered the request identity, the cisco starts to communicate with the radius server. Everything is working!


After I have updated the Cisco to IOS 12.2(35)SE5 I can see, that the Cisco sends a "EAP Request Identity" Version 2 to the network device. The network device can not answer this request, and there is no more communication, so the port is shutdown.


Is there any possibility to change the Version of the EAP Request in the Cisco?


Thanks a lot for your help!




  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
mattkaya56 Tue, 03/10/2009 - 10:34
User Badges:

Are you using the windows client? Could you try the open 802.1x client before you downgrade.

ManuelHepting Tue, 03/10/2009 - 11:55
User Badges:

Hello!


The network device is not a windows client, it's a device to transmit videostreams. There is a possibility to use 802.1x authentications, but this is not working in conjuction with the latest Cisco IOS.

mattkaya56 Wed, 03/11/2009 - 15:26
User Badges:

If you are using 802.1x for such device you need to be sure that the client side is sending eap response - in this particular application I am assume somebody was responding to eap request? I dont understand how you device authenticates - could you please elaborate.


If it is an option authenticate from a pc host via the same port - to verify 802.1x is working Cisco side as expected.



Actions

This Discussion