Cisco Support Community
Community Member

802.1x Authentification Problem

Hi, i have some Problems setting up a dot1x authentification.

In my lab i use 1 Client, 2 Switches and a RADIUS-Server.

Client => Switch A => Switch B => RADIUS

I have configured an interface vlan on switch A and switch B in the same vlan the RADIUS-server is. So the client sends an authentification-request to switch A and switch a sends the request to the radius server using the mentioned vlan interface. without the vlan interface on switch A i can not authentificate the client.. is there a way to configure switch A to forward the request from the client to the vlan interface of switch B, so switch B can send the request to the RADIUS-server? Or do i have to configure a vlan interface on every switch, so the switch my client is connected to has to send the request to the RADIUS server?

this would mean a lot of work in a bigger LAN and i would have to waste a lot of IP adresses, because i would need a vlan interface in the same vlan my RADIUS-server is on every switch...

Everyone's tags (1)

Hey Patrick,Could you share

Hey Patrick,

Could you share the switch (A,B) configuration?

I would like to understand the issue better.



**Share your knowledge. It’s a way to achieve immortality. --Dalai Lama** Please Rate if helpful. Regards Ed

yes do share your config and

yes do share your config and by using ip helper address the vlan should be able to forward the broadcast.Well VTP is the option for your issue also if you are manging the vlans on every switch seprately.

Community Member

i found out that it's

i found out that it's impossible to use dot1x without a vlan interface on the switch your client is connected to (in my lab switch A)...

thanks anyway

CreatePlease to create content