I am trying to set up 802.1x on a Catalyst 4006 with a Supervisor III module with IOS 12.1(12c)EW1. I am using Cisco Secure ACS 3.0(2) Build 5 for my Radius server. I'm using the Windows 2000 802.1x hotfix for my 802.1x client software. My goal is as follows:
If USER1 gets authenticated, authorize them to access VLAN 10.
If USER2 gets authenticated, authorize them to access VLAN 20.
If someone tries to logon to the network without the 802.1x Client, authorize them to access VLAN 30.
I have been able to get USER1, and USER2 onto their correct VLANs, but I have been unable to setup a default VLAN for unauthenticated/unauthorized users to be able to access. The only thing I have been able to do is Force Authorization on to VLAN 30 for all users, but then I am unable to assign USER1 or USER2 to their correct VLANS because when I turn on Force Authorization, the switch ignores the client requests for authorization, it just automatically throws them onto VLAN 30.
The reason I would like to do this is so that we can assign known users onto the VLANS we want them to access, and we want to throw unknown users onto VLAN 30. We want to allow unknown users access to the internet because we have outside venders teaching classes on our campus, and we can't be guarenteed that they will have 802.1x on their laptops, but they will still need to access the internet to teach their classes.
If more information is needed (how we have the switch configured now) or I have not been very clear in what I need, let me know. Any help would be greatly appreciated.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...