×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

dot1x QoS Policy push w. Radius

Unanswered Question
Mar 26th, 2014
User Badges:

Hi,

I'm having a proper running dot1x network. Now I want to push a QoS Policy, or the reference to a QoS policy. In the current concept my NPS sends the related VLAN and dACL to the port, fine. I can also see in my Wireshark trace that the NPS send the QoS policy but the port does somehow not accept it, the policy-map never gets configured.

Any idea what the problem could be or a reference to a doc? Unfortunately could not find proper documentation about pushing QoS policy...

Is there another way how to push qos policy to a dot1x port?

The VSA's I'm sending are called:


 cisco-avpair = "ip:sub-policy-In=in-policy-name"
 cisco-avpair = "ip:sub-policy-Out=out-policy-name" 
 
Here the port and general dot1x config on my cat4k:
 
dot1x system-auth-control
dot1x critical eapol
!
int gigx/y
 authentication event fail action authorize vlan 41
 authentication event server dead action authorize vlan 11
 authentication event no-response action authorize vlan 41
 authentication host-mode multi-domain
 authentication port-control auto
 authentication periodic
 authentication timer reauthenticate server
 mab
 dot1x pae authenticator
 dot1x timeout quiet-period 2
 dot1x timeout server-timeout 3
 dot1x timeout tx-period 2
 dot1x timeout supp-timeout 2
 
 
 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion