03-19-2019 06:30 AM
Hi all,
I have been struggling to find out why a test pc client can't authenticate with dot1x or mab. I have collected debug dot1x all and show run config file of the switch. Can anybody please assist in why client cant authenticate. when i do test aaa group radius xxxxx xxxx legacy on the switch all is well,but when i do it on client side it just fails.
Thank you all!
03-19-2019 06:54 AM
dot1x-ev:DOT1X Supplicant not enabled on FastEthernet0/3
Interface Fast0/3
dot1x pae auth
authentication port control auto
authentication order mab dot1x
authentication prio dot1x mab
authentication host-mode multi-auth (only in case if you on vmware workstation etc.)
03-19-2019 08:52 AM
Hi Sheraz,
Thanks for the prompt response! I will implement the recommended changes tomorrow. Please note that i was bouncing the interface at some point to force dot1x process and in this test i was just doing dot1x peap authentication only.i meant i had tried mab authentication separately but i didnt succeed.
Thanks once again!
Regards,
Isaac.
03-19-2019 10:06 AM
03-19-2019 11:31 AM
hi Mike,
Thanks for the response. I basically followed the guides by enabling wiredautoconfig from services.msc and disabled certificate validation as required for dot1x without CA's.I will update you guys tomorrow when i implement the recommendations.
I really appreciate,thanks.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide