Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

tvo
New Member

Dot1x authentication with ACL on C3750

Hi,

I'm thinking to implement dot1x authentication in my network, but have a lot of non-dot1x capable devices, therefore mac bypass authentication seems also not feasible.

Is it possible if DOT1X authentication fails, an ACL is applied to the switchport without changing the vlan ?

Example of my switchport config:

interface FastEthernet1/0/3

switchport access vlan 500

switchport mode access

switchport port-security maximum 3

switchport port-security

switchport port-security aging time 3

authentication port-control auto

authentication periodic

dot1x pae authenticator

storm-control broadcast level 10.00

storm-control multicast level 10.00

spanning-tree portfast

spanning-tree bpduguard enable

spanning-tree guard root

ip dhcp snooping limit rate 100

-> I would like to not have to add a restriction vlan, because I have provider managed routers and it will cause a lot of overload...

thanks !

Tom

Everyone's tags (4)
224
Views
0
Helpful
0
Replies
CreatePlease login to create content