Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
757
Views
0
Helpful
2
Replies

dot1x authentication failing with Radius Server

rsamtani
Level 1
Level 1

‎07-20-2005 03:31 PM - edited ‎03-10-2019 02:14 PM

Hi All,

I have configured dot1x authentication on 3750 switch and configured a Windows 2003 radius server as an authentication server. When running debugs aaa and dot1x, I do see the reject coming from the Windows Radius server. It says length of packet = 0. I am attaching debugs along with this post. Any thoughts would be appreciated. I am using EAP-MSCHAPv2 on Windows XP workstation and on Windows Radius server with AD in the backend.

Configuration 3750 Switch -

aaa new-model

aaa authentication dot1x default group radius

dot1x system-auth-control

!

interface FastEthernet1/0/2

description PC connected to Phones with Authorization

switchport access vlan 10

switchport mode access

switchport voice vlan 6

dot1x port-control auto

dot1x host-mode multi-host

dot1x timeout quiet-period 30

dot1x timeout reauth-period 14400

spanning-tree portfast

!

radius-server host 10.72.2.154 auth-port 1645 acct-port 1646 key 7 0023433247650

radius-server source-ports 1645-1646

Regards -

Rakesh

Labels:
Preview file
25 KB
Preview file
6 KB
0 Helpful
2 Replies 2

didyap
Level 6
Level 6

‎07-26-2005 11:08 AM

Here is a document on 802.1x Configuration Guidelines.

http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12225se/3550scg/sw8021x.htm#wp1025090

0 Helpful

jafrazie
Cisco Employee
Cisco Employee

‎07-26-2005 01:34 PM

There's probably not enough information here. The switch will not know why auth failed. AAA will. I would look in the AAA logs to see the error code for the failure of the "FMNET\bhugel" user account.

0 Helpful
Customers Also Viewed These Support Documents