Ciscoworks question. Trying to report on non 802.1x ports.

martin.belisle · ‎12-15-2009

I'm trying to run a report that will tell me wich switch ports are not configured for 802.1x. Anyone has any idea how this could be done?

I'm not very familiar with ciscoworks so any help is good!

Thanks

Joe Clarke · ‎12-15-2009

This is doable using the Campus Manager User Tracking application. UT will acquire all end hosts connected to your switched and wireless networks. If you run a UT report, and view All Columns, you will see one of the columns called dot1xEnabled. The value of that column will be either true or false. You could also create a custom layout in UT to only show the columns you want.

The downside of this approach is that you will only see ports in UT which have end users connected to them. If you would rather search through your devices' configurations looking for ports without dot1x, you can use the RME baseline compliance feature. Under RME > Config Mgmt > Compliance Mgmt > Template Mgmt, you can create new template which does something like:

Submode : interface [#.*Ethernet.*#]
Body:
- dot1x pae both

Or use whatever commands you want to identify whether or not dot1x is configured. Then, if you run a compliance check against your switches, you will those switches and ports which do not have the required commands. This approach isn't really a report, but it will give you an idea of what ports do not have dot1x configured.

martin.belisle · ‎12-23-2009

Thank you so much!