https://community.cisco.com/t5/network-access-control/802-1x-authentication/m-p/808493#M5592 <HTML><HEAD></HEAD><BODY><P>This should help:</P><P></P><P>&lt;<A class="jive-link-custom" href="http://download.microsoft.com/download/b/0/e/b0e2a363-0044-4327-8f17-020818f57234/Wired_depl.doc" target="_blank">http://download.microsoft.com/download/b/0/e/b0e2a363-0044-4327-8f17-020818f57234/Wired_depl.doc</A>&gt;</P><P></P><P>&lt;<A class="jive-link-custom" href="http://www.cisco.com/application/pdf/en/us/guest/netsol/ns656/c654/ccmigration_09186a00805eea83.pdf" target="_blank">http://www.cisco.com/application/pdf/en/us/guest/netsol/ns656/c654/ccmigration_09186a00805eea83.pdf</A>&gt;</P></BODY></HTML> Thu, 26 Apr 2007 13:42:39 GMT jafrazie 2007-04-26T13:42:39Z https://community.cisco.com/t5/network-access-control/802-1x-authentication/m-p/808492#M5591 <P>Hi All,</P><P></P><P>I am trying to implement 802.1x security on the network. I am tesiting on a switch on one of the ports with the following config </P><P>conf t</P><P>aaa new-model</P><P>aaa authentication dot1x default group radius </P><P>radius-server host x.x.x.x auth-port 1612 key rad1234</P><P></P><P>int fa1/0/x</P><P>dot1x port-control auto</P><P></P><P>switch is added as client on DC with IAS installed. I have a remote access policy configured called DOT1X AUTHENTICATION. In active directory i have a global group called AUTH PC's.I have no certificate set up on server. My questions are as follows</P><P></P><P>1. What needs to be added to Active Directory group ? All domain pc's</P><P>2. On client LAN properties PEAP settings. Do I need certificate generated or can I just add dc to trusted servers. I am using MSCHAP V2 here.</P><P></P><P>Also if pc is on domain it will allow authentication. If not it will then prompt for username/password.</P><P>If I am missing anything please let me know of if config needs tuning</P> Fri, 21 Feb 2020 18:18:07 GMT https://community.cisco.com/t5/network-access-control/802-1x-authentication/m-p/808492#M5591 FrancisHoban 2020-02-21T18:18:07Z https://community.cisco.com/t5/network-access-control/802-1x-authentication/m-p/808493#M5592 <HTML><HEAD></HEAD><BODY><P>This should help:</P><P></P><P>&lt;<A class="jive-link-custom" href="http://download.microsoft.com/download/b/0/e/b0e2a363-0044-4327-8f17-020818f57234/Wired_depl.doc" target="_blank">http://download.microsoft.com/download/b/0/e/b0e2a363-0044-4327-8f17-020818f57234/Wired_depl.doc</A>&gt;</P><P></P><P>&lt;<A class="jive-link-custom" href="http://www.cisco.com/application/pdf/en/us/guest/netsol/ns656/c654/ccmigration_09186a00805eea83.pdf" target="_blank">http://www.cisco.com/application/pdf/en/us/guest/netsol/ns656/c654/ccmigration_09186a00805eea83.pdf</A>&gt;</P></BODY></HTML> Thu, 26 Apr 2007 13:42:39 GMT https://community.cisco.com/t5/network-access-control/802-1x-authentication/m-p/808493#M5592 jafrazie 2007-04-26T13:42:39Z https://community.cisco.com/t5/network-access-control/802-1x-authentication/m-p/808494#M5593 <HTML><HEAD></HEAD><BODY><P>Looks good . Thanks</P></BODY></HTML> Thu, 26 Apr 2007 13:57:13 GMT https://community.cisco.com/t5/network-access-control/802-1x-authentication/m-p/808494#M5593 FrancisHoban 2007-04-26T13:57:13Z