I have already set my network up with 6509 (Core switch) and 4506 and 3750 as access switches. VLANs Load Balancing are also configured between EtherChannel links. Now Management requires to adopt 802.1X technology to secure VLANS since they want each user to be authenticated by Cisco ACS server. What configuration I will need for my switches in order to configure 802.1X and VLANS by Users by keeping the same network design?
I am little confused because some articles show that it will require to configure VLANs by User-ID. I already have my VLANS configured by ports (between the switches), and hoping that would not require any changes. All I can think of that the ports belong to Workstations may need to setup as VLANs by User ID, not by ports.
you leave the vlans assigned to a "default" or "unsecured" vlan, the turn on do1x auth on the ports and clients then vlans are dynamically assigned via acs according to user id. Note, "default" or "unsecured" vlan needs to be able to reach login servers and depending on logon method may have to use certificates on machines
Thanks mschooley ! quick question what about the ports between the switches (Trunk Ports). I have configured EtherChannel with Redundant Links. Do I have to worry about those ports. I think not because I believe only host ports need to be configured with 802.1x.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...