Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

802.1x Certificate Renewal

Hi,

I have customer planning to deploy 802.1x in their wired network.

1. They are using certificate, username and password to authenticate.

2. Unauthorized user will be assigned to Guest Vlan with limited access to the network.

3. The problem is, when the certificate is expired, user wont be able to authenticate to the network.

4. How to allow user to renew the certificate when then dont have access to their network? Is there any work around?

Thanks

1 REPLY
Cisco Employee

Re: 802.1x Certificate Renewal

Users who fail 802.1X are not assigned to the Guest VLAN. They are denied access or, if the auth-fail VLAN is configured on the switch, they will go to the auth-fail VLAN. You can configure the auth-fail VLAN with enough access to get to the CA to renew the cert.

Shelly

151
Views
0
Helpful
1
Replies