Cisco Support Community

Why do desktop switches (unmanaged switches) drop the EAP-TLS message in 802.1x deployment?

Hi,

I'm doing different tests with 802.1x to find the best setting for my network, but I've found a problem with the desktop switches that I don't know how to resolve, if there is a solution.

I'll try to explain the case....

Scenario:

Hardware Setup:
Cisco Switch <-> Unmanaged Switch <-> PC

I'm using a switch WS-C2960+24PC-L with 15.0(2)SE5 IOS with the following 802.1x setting:

interface
 switchport mode access
 authentication host-mode multi-auth
 authentication port-control auto
 authentication periodic
 mab
 dot1x pae authenticator
 dot1x timeout tx-period 3
 spanning-tree portfast
 

Well... although I can access my lab without any problem when I plug the PC directly into the port, I can't connect when I use an unmanaged switch between them (I don't receive the EAP message in my RADIUS and the switch tries to authenticate using MAB).

I repeated the same with an old hub that I had on my desk and I connected correctly, so I think the problem is in the unmanaged switch, but I'm using 3-4 different 3Com models.

 

Does anyone know why the desktop switch (unmanaged switch) does not forward the EAP message?

Is there any restriction or bug in this kind of device?

 

Thanks in advance,
