Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

802.1x authentication

Hi All,

I am trying to implement 802.1x security on the network. I am tesiting on a switch on one of the ports with the following config

conf t

aaa new-model

aaa authentication dot1x default group radius

radius-server host x.x.x.x auth-port 1612 key rad1234

int fa1/0/x

dot1x port-control auto

switch is added as client on DC with IAS installed. I have a remote access policy configured called DOT1X AUTHENTICATION. In active directory i have a global group called AUTH PC's.I have no certificate set up on server. My questions are as follows

1. What needs to be added to Active Directory group ? All domain pc's

2. On client LAN properties PEAP settings. Do I need certificate generated or can I just add dc to trusted servers. I am using MSCHAP V2 here.

Also if pc is on domain it will allow authentication. If not it will then prompt for username/password.

If I am missing anything please let me know of if config needs tuning

New Member

Re: 802.1x authentication

Looks good . Thanks

CreatePlease to create content