After reading most of the docs and related postings, I have concluded that inorder to do 802.1x with a single logon (the user is put into the correct vlan and the logged onto the domain) so that it as seamless to the user as possible, I need to use PEAP, which requires a CA, and ACS 3.2 so that it understands MS CHAP.
My clients are W2K, I would rather not use certificates if possible, i.e. using md5, but don't mind if required for single login.
Also, I noticed in ACS 3.2 docs that the machine could log in independently of the user, so multiple users could use the same machine. This isn't what I need, I have multiple people using the same machine, I want it so that whenever a new user logs in, he is reauthenticated and placed in correct vlan.
have to disagree a little. With md5 required second logon and wouldn't authenticate against nt database, acs returned error "authentication type not supported by external database"
single logon works with peap, also with multiple users on same machine, however, have to reboot when user logs off and new user logs on. Microsoft peap client doesn't seem to be sending eapol logoff to switch according to switch debugs.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...