Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
369
Views
0
Helpful
3
Replies

802.1x Authentification Problem

Patrick_Olbertz
Level 1
Level 1

‎04-02-2014 01:31 PM - edited ‎03-10-2019 09:36 PM

Hi, i have some Problems setting up a dot1x authentification.

In my lab i use 1 Client, 2 Switches and a RADIUS-Server.

Client => Switch A => Switch B => RADIUS

I have configured an interface vlan on switch A and switch B in the same vlan the RADIUS-server is. So the client sends an authentification-request to switch A and switch a sends the request to the radius server using the mentioned vlan interface. without the vlan interface on switch A i can not authentificate the client.. is there a way to configure switch A to forward the request from the client to the vlan interface of switch B, so switch B can send the request to the RADIUS-server? Or do i have to configure a vlan interface on every switch, so the switch my client is connected to has to send the request to the RADIUS server?

this would mean a lot of work in a bigger LAN and i would have to waste a lot of IP adresses, because i would need a vlan interface in the same vlan my RADIUS-server is on every switch...

Labels:
0 Helpful
3 Replies 3

edwjames
Level 3
Level 3

‎04-02-2014 03:09 PM

Hey Patrick,

Could you share the switch (A,B) configuration?

I would like to understand the issue better.

Regards

Ed

**Share your knowledge. It’s a way to achieve immortality. --Dalai Lama** Please Rate if helpful. Regards Ed
0 Helpful

kaaftab
Level 4
Level 4

‎04-02-2014 09:30 PM

yes do share your config and by using ip helper address the vlan should be able to forward the broadcast.Well VTP is the option for your issue also if you are manging the vlans on every switch seprately.

0 Helpful

Patrick_Olbertz
Level 1
Level 1

‎04-03-2014 12:55 PM

i found out that it's impossible to use dot1x without a vlan interface on the switch your client is connected to (in my lab switch A)...

thanks anyway

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents