01-26-2010 11:43 PM - edited 03-10-2019 04:54 PM
Hello guys,
currently we are deploying Catalyst 3560 switches in our enviroment. These switches are working with dot1x protocol version 2. The old ones (2950) are with version 1. We have several networkprinters and it seems these combination does not work togehter. The printers are not authenticating. Port remains unauthorized. Mac Bypass is only working if 802.1x is disabled on these printers. Are these protocol version incompatible ??? Is any one out there who´s having the same issues or an idea how to fix this.
Thx...
Marc
01-27-2010 05:50 AM
Hi Marc:
I checked this on switch running 12.2.x and it was dot1x protocol version=2, so it looks like that protocol version was introduced from 12.2.x
onwards. There should not be any compatible issue but I have seen this issue in the past with 2950 running dot1x version 1.
EAPOL packet Protocol version field holds the version of the protocol supported by the sender of the EAPolpacket. It means the supplicant will try with a more secure protocol version with the server if server does not support that, then supplicant with try with the next/lower one available until both server and client negotiate on a common protocol version.
HTH
Regards,
JK
Plz rate helpful posts-
01-27-2010 06:29 AM
Hello again,
i´ve read my first posting again. It´s may be a little bit confusing which switch is working. 2950 dot1x V1 --> Everything is fine! 3560 dot1x V2 --> not working with printers! In the debug log EAPOL seems not going down to V1 (EAPOL Version: 0x2 type: 0x0 length: 0x0005). Is there any way to force the 3560 to go to dot1x V1?
thx
Marc
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: