08-26-2014 02:28 AM - edited 03-10-2019 09:58 PM
Hi,
I'm trying to config a switch WS-C2960+24PC-L with IOS 15.0(2)SE5 and C2960-LANBASEK9-M to use 802.1x in my network but when I type the following commands the IOS doesn't recognize the interface commands and I can't complete the settings:
Router# configure terminal Router(config)# dot1x system-auth-control Router(config)# aaa new-model Router(config)# aaa authentication dot1x default group radius Router(config)# interface fastethernet2/1 Router(config-if)# switchport mode access Switch(config-if)# authentication port-control auto (or dot1x port-control auto) Switch(config-if)# authentication host-mode multihost Router(config-if)# dot1x pae authenticator Router(config-if)# end
I've used the same commands in other switch with IOS 12.x and I don't have any problem to complete the settings so.... somebody know if:
* Should I use others commands to activate this feature in this IOS?
* Do I need to use other IOS?
Thanks in advance,
Solved! Go to Solution.
08-26-2014 04:05 AM
I assume that you forgot to paste in the following command:
switchport mode access
The "authentication ..." commands won't show up when the port is still in dynamic access/trunk mode. Only after you configure the port statically to be an access-port, these commands are available.
08-26-2014 02:50 AM
08-26-2014 03:48 AM
Hi mohanak,
This command (new or old commands) doesn't appear in my IOS.
I type the following:
test(config)#
test(config)#aaa new-model
test(config)#aaa group server radius RADIUS_ACCESS_CONTROL
test(config-sg-radius)# server xxx.xx.xx.xx auth-port 1812 acct-port 1813
test(config-sg-radius)# exit
test(config)#aaa authentication dot1x default group RADIUS_ACCESS_CONTROL
test(config)#aaa authorization network default group RADIUS_ACCESS_CONTROL
test(config)#
test(config)#dot1x system-auth-control
test(config)#int fa0/1
but in this point, when I'm configuring the interfaces the switch hasn't got the commands:
test(config-if)#aut?
auto
test(config-if)#dot?
% Unrecognized command
test(config-if)#d?
dampening default delay description
down-when-looped duplex
test(config-if)#
What am I doing wrong?
08-26-2014 04:05 AM
I assume that you forgot to paste in the following command:
switchport mode access
The "authentication ..." commands won't show up when the port is still in dynamic access/trunk mode. Only after you configure the port statically to be an access-port, these commands are available.
08-26-2014 04:23 AM
No, I really forgot this command.
Thanks,
11-19-2014 11:16 PM
Thanks..this helped me too. :)
11-03-2017 12:59 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide