08-18-2024 09:29 AM - edited 08-18-2024 09:37 AM
___________
= [Overview] =
___________
Hey all, has anyone been able to test 802.1x for the following version IOU L2 Image:
- (X86_64BI_LINUX_L2-ADVENTERPRISEK9-M), Version 17.12.1, RELEASE SOFTWARE (fc5)
___________________
= [Whats The Problem] =
___________________
Seems you can setup dot1x on the IOU L2 image, but the below commands do not work when you try to do basic verification:
- show authentication sessions
- show access-session
- show dot1x interface
__________
= [Testing] =
__________
I re-ran the same configs I have on my IOU L2 image in my lab against the VIRL L2 image provided in CML 7.1 and the commands I outlined above (with the exception of "show access-session") works fine.
Solved! Go to Solution.
08-18-2024 09:51 AM
- FYI : https://community.cisco.com/t5/network-access-control/802-1x-lab-not-working-edge-switch-won-t-send-authentication/m-p/4823237#M581422
(You may want to review the complete thread too)
M.
08-18-2024 09:51 AM
- FYI : https://community.cisco.com/t5/network-access-control/802-1x-lab-not-working-edge-switch-won-t-send-authentication/m-p/4823237#M581422
(You may want to review the complete thread too)
M.
08-18-2024 10:21 AM - edited 08-18-2024 10:22 AM
Hi @marce1000,
Thanks for writing back, I've gone ahead and opened a bug report with (CiscoDevNet/cml-community):
- https://github.com/CiscoDevNet/cml-community/issues/46
I'll add that link you shared so we can get some traction, we can close this thread now that it's confirmed a few users have reported the issue.
This should help others who are trying to do dot1x labs using that image in the future.
Take care!
08-18-2024 02:56 PM
Well done for raising the attention on this. The only virtual IOS image I am aware of, where 802.1X works, is the Cat 9000v image - but you need a monster 18GB of RAM and the CPU will be working hard. I was hoping that the new IOL (since CML 2.7) would support it but it doesn't. I think also that the older vIOS-L2 is not getting much attention either. All the focus will be on IOL (and rightly so). The nice thing about IOL is that it runs as a Linux executable, and does not require QEMU/KVM emulation.
The CML Community page on the Learning Network is the place to get their attention.
08-18-2024 04:48 PM
@Arne Bier - I also prefer IOU over vIOS because as you mentioned it runs on Linux without KVM/QEMU.
CAT9k won’t be an option for most, here’s to hoping they resolve the issue in the near future!
08-18-2024 03:48 PM
not all features are supported; have u tried the other one, IOSv-L2 15.2 ?
Regards, ML
**Please Rate All Helpful Responses **
08-18-2024 04:50 PM - edited 08-18-2024 04:51 PM
Hey @Martin L - Yes, earlier in my post I did some testing with L2 vIOS, L2 vIOS works fine.
Unfortunately, it’s an issue with IOU image that comes with CML 2.7.1.
08-18-2024 07:04 PM
FWIW… it’s only a “bug” if some Development Engineer (DE) committed code into the IOL-L2 throttle with the intention that .1x should actually work. IOL/IOL-L2 is not a commercial product and exists primarily as an internal platform for DEs to develop their own Platform Independent (PI) code. Features in IOL/IOL-L2 are there because either a DE needed to develop something for their own purposes, or someone else sponsored them to do some feature development. As such, feature support will be incomplete by comparison with commercial products. IOL is provided in CML as a convenience to users who need an IOS image with a lot of features, but without a heavy RAM footprint. [BTW, “IOU” refers to the older IOS on Unix, which ran on Solaris/Sparcstation. IOL is the newer IOS on Linux which runs on Linux/x86.]
As a DE’s internal platform and not a commercial product, IOL is not really supported by TAC. There is no good way for CML users to get CDETS bug IDs filed and have DEs assigned to fix them. The efforts of DEs will be prioritized to enhance and fix commercial products instead.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide