802.1x doesn't work

pgasol · ‎06-22-2004

Hi I have a Catalyst 6500 with version 7.3(2)

I have configured 802.1x but it doesn't work and I don't know why.

The Radius server is Microsoft IAS and it is working with other switches fron 3Com, Alcatel and Avaya.

Can anybody help me please?

This is the config

And there are two show commands

Console> (enable) sh authentication

Login Authentication: Console Session Telnet Session Http Session

--------------------- ---------------- ---------------- ----------------

tacacs disabled disabled disabled

radius enabled(primary) enabled(primary) enabled(primary)

kerberos disabled disabled disabled

local enabled enabled enabled

attempt limit 3 3 -

lockout timeout (sec) disabled disabled -

Enable Authentication: Console Session Telnet Session Http Session

---------------------- ----------------- ---------------- ----------------

tacacs disabled disabled disabled

radius disabled disabled disabled

kerberos disabled disabled disabled

local enabled(primary) enabled(primary) enabled(primary)

attempt limit 3 3 -

lockout timeout (sec) disabled disabled -

Console> (enable)

Console> (enable) sh dot1x

PAE Capability Authenticator Only

Protocol Version 1

system-auth-control enabled

max-req 2

quiet-period 60 seconds

re-authperiod 3600 seconds

server-timeout 30 seconds

supp-timeout 30 seconds

tx-period 30 seconds

rzanett · ‎06-24-2004

Not clear on what you mean by it does not work. What does not work? The port remains up? You can not get connected, you can get connected? Can you define a little better?

One idea, is that did you add the switch to the radius server? If not, the switch will not be able to act as authenticator.

Bob