jasonfmic Fri, 09/24/2010 - 12:52
User Badges:
  • Bronze, 100 points or more

The key components of the config you will need are as follows:

! Radius Config

aaa new-model

aaa authentication dot1x default group radius
aaa authorization network default group radius
radius-server host YOUR_SERVER
radius-server key YOUR_KEY

! Enable dot1x globally

dot1x system-auth-control

! Configure the interfaces



switchport mode access

switchport access vlan YOUR_ACCESS_VLAN

dot1x port-control auto

no shut

That is the basic config. You can also get into fancy features, like setting a guest access vlan for when 802.1x authentication fails, etc. The switch configuration is relatively simple. I actually run into more trouble with the radius configuration and configuration of clients for 802.1x pieces.


This Discussion