dot1x on catalyst express 520 and windows 2003 IAS
I am looking for users with experience with catalyst express product especially CE520. My problem is that i can't make my XP client authenticate using 802.1x on CE520 and IAS on windows 2003 as RADIUS server (PEAP using certificates). I have several hundreds client working perfectly on 2950, 2970, 4506, pixes and 6509 switch. I used GUI config and smartports but no go. Also tried CLI config (same as on my other cisco switches, used CLI thru .../exec). I have no experience in deciphering debug output on CE520 or RAS tracing on IAS server so if anyone has experience with similar config/layout and CE switches it would be a great help. I can post debug output and config if needed.
Forgot to mention, it is wired config for 802.1x....
Re: dot1x on catalyst express 520 and windows 2003 IAS
Thank you JG,
I already tried that, it was my initial setup. After my clients could not authenticate i tried to do manual setup using CLI ( http://switchip/exec ) but GUI did nice config anyway so i could not find any problem.
I have attached switch config, dot1x debug, and RAS tracing from Win 2003 (IASSAM.LOG part).
Ras tracing show that EAP is actually succeeding but authentication repeats 2 more time and eventually switch disables port for some reason probably presuming unsuccessful authorization (although it is successful) i think .
Few more info, supplicants are XP SP3 clients, other switches (cisco and other vendors) work perfectly.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...