cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
490
Views
0
Helpful
4
Replies

802.1x port authentication

ManuelHepting
Level 1
Level 1

Hello!

We have some problems with 802.1x port authentication after updating the Cisco IOS to 12.2(35)SE5.

First there was the IOS 12.2(25r)SEC on the cisco switch 3560 and the port authentication is working. I can see, that the Cisco sends "EAP Request Identity" Version 1 to the network device. After the network device has answered the request identity, the cisco starts to communicate with the radius server. Everything is working!

After I have updated the Cisco to IOS 12.2(35)SE5 I can see, that the Cisco sends a "EAP Request Identity" Version 2 to the network device. The network device can not answer this request, and there is no more communication, so the port is shutdown.

Is there any possibility to change the Version of the EAP Request in the Cisco?

Thanks a lot for your help!

4 Replies 4

wong34539
Level 6
Level 6

Currently there is no feature to configure what version of EAP in which we send. However, unless there is a supplicant issue, which this appears to be, then the mismatch in EAP version should not effect functionality. Better to down grade the IOS.

Are you using the windows client? Could you try the open 802.1x client before you downgrade.

Hello!

The network device is not a windows client, it's a device to transmit videostreams. There is a possibility to use 802.1x authentications, but this is not working in conjuction with the latest Cisco IOS.

If you are using 802.1x for such device you need to be sure that the client side is sending eap response - in this particular application I am assume somebody was responding to eap request? I dont understand how you device authenticates - could you please elaborate.

If it is an option authenticate from a pc host via the same port - to verify 802.1x is working Cisco side as expected.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco