Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

radius communication

Hi all,

I have two 3750s, one is connected to the radius server (ACS), and the other is connected to clients. There's a trunk connection between the two switches.

By the way, radius works fine. However my problem is that the switch that is connected to clients must relay the 802.3 encapsulated EOPOL frames to the switch at the end of the trunk and that switch must forward those frames encapsulated in radius format.

When a client initiates authentication by sending EAPOL frames with multicast L2 address, the trunk does not appear to be forwarding the frames over the trunk link.

To summarize How am I supposed to implement wired 802.1x authentication with a radius server connected multiple switches away?

Thanks in advance.

1 REPLY

Re: radius communication

If the switch to which the hosts are connected is configured as the AAA Client (Authenticator), this switch communicates with the RADIUS server via RADIUS packets, not EAPOL.

EAPOL is used between the host and the Authenticator.

Configure the switch that the hosts are connected to, as the AAA Client (Authenticator).

122
Views
5
Helpful
1
Replies