Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS and 3550

I am wanting to configure a 3550 to send authentications to our ACS appliance. I have configured the AAA Client in ACS. On the switch I did:

aaa new-model

aaa authentication dot1x default group radius

radius-server host 10.98.8.31 auth-port 1812 acct-port 1813

int fa0/1

dot1x port-control auto

what else am I missing?

4 REPLIES

Re: ACS and 3550

Do you see any hits on acs failed attempts ? If you are doing vlan assignment then you also need authorization for network

aaa authorization network default group radius if-authenticated

If still we have issue , get debug radius and debug dot1x all

Regards,

~JG

New Member

Re: ACS and 3550

do I need to enable dot1x system-auth-control?

Re: ACS and 3550

Make sure that shared secret key is correct. Please enter it again, do not copy paste.

Also check,

ACS--->Network configuration----> NDG (where you have this switch) ----> Edit Properties----> Remove key.

Keep in mind that NDG key overwrites aaa client key.

Regards,

~Jg

New Member

Re: ACS and 3550

I think I got it. I am showing a passed authentication now. Thanks for the help.

as soon as I enabled dot1x system-auth-control it began passing the authentication. I had to have that command you sent me as well.

thanks again

155
Views
0
Helpful
4
Replies
CreatePlease to create content