Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
475
Views
0
Helpful
0
Replies

Span & 802.1X issue

aviyoshi10
Level 1
Level 1

‎06-06-2012 04:10 AM - edited ‎03-07-2019 07:05 AM

Hi All,

we need to monitor access ports with 802.1x enabled on them via regular SPAN. we are using 3750x and Cat6k.

When dot1x authentication failed on 3750 and port state is in "up/down", we can still see broadcast packets (arp request) on the monitor station

When dot1x authentication failed on 6500 and port is in "up/down" , we don't see any packet on the monitor station.

we are using the same configuration on both switches:

aaa new-model

aaa authentication dot1x default group radius

dot1x system-auth-control

dot1x critical eapol

radius-server host x.x.x.x auth-por 1812 acc-port 1813 key XXXXXXXX

int gi x/x

authentication port-control auto

authentication periodic

dot1x pae authenticator

please advise,

Avi

Labels:
0 Helpful
0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card