Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

802.1x Empty userId

Hi,

I´m studying the behaviour of the 802.1x protocol working in a Windows environment with IAS and AD activated.

I´m using Windows 2000/XP 802.1x clients to perform the tests.

As I check the option "Authenticate the user as guest when the credentials are unavailable" in the client and I´m not able to get authorized. I watch the trace in the CAT 2950 switch and I get the message 'dot1x event - empty userid'. The client´s request is not forwarded to the RADIUS server and at the end the client is unauthorized.

First I thought of configuring the IAS server with a rule to bring these anonymous users in a quarantine VLAN and perform further actions with these clients. No way, the request don´t get to the RADIUS.

The other option that I managed was to take these users to the guest VLAN but I think this is not possible either. I have got similar problem with users with invalid credentials.

Is this the correct or expectable behaviour of the switch?

Any idea to take uknown users to a controlled or quarantine VLAN?

Thanks in advance.

Ramiro Ortiz

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: 802.1x Empty userId

This is a bug.

The anatomy of which is when the switch doesn't forward EAP when EAPOL(802.1x) arrives at it with NULL credentials as part of the initial EAP-Identity-Response frame.

Please see CSCsb82422.

Hope this helps,

2 REPLIES
Cisco Employee

Re: 802.1x Empty userId

This is a bug.

The anatomy of which is when the switch doesn't forward EAP when EAPOL(802.1x) arrives at it with NULL credentials as part of the initial EAP-Identity-Response frame.

Please see CSCsb82422.

Hope this helps,

New Member

Re: 802.1x Empty userId

Thanks a lot for your quick response.

I´ve noticed the bug has recently changed from the assigned to the resolved status.

Have you got any idea about how long will it take the new release to be available? I´ve downloaded the latest one 12.1(22)EA5a (September 22th) but it´s not corrected yet.

Thanks again.

Bye.

104
Views
0
Helpful
2
Replies