Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Span & 802.1X issue

Hi All,

we need to monitor access ports with 802.1x enabled on them via regular SPAN. we are using 3750x and Cat6k.

When dot1x authentication failed on 3750 and port state is in "up/down", we can still see broadcast packets (arp request) on the monitor station

When dot1x authentication failed on 6500 and port is in "up/down" , we don't see any packet on the monitor station.

we are using the same configuration on both switches:

aaa new-model

aaa authentication dot1x default group radius

dot1x system-auth-control

dot1x critical eapol

radius-server host x.x.x.x auth-por 1812 acc-port 1813 key XXXXXXXX

int gi x/x

authentication port-control auto

authentication periodic

dot1x pae authenticator

please advise,

Avi

Everyone's tags (3)
264
Views
0
Helpful
0
Replies