04-29-2020 07:00 PM - last edited on 05-02-2020 09:55 PM by hslai
Hi,
I hope that u are doing good.
I installed a windows 7 in vmware workstation and i instaled a switch cisco in EVE-NG.
The purpose is to authenticate windows wired card with the cisco ise that also installed in vmware.
Result : Ping between windows 7 and switch work correctly but when a activate 802.1x in wired card i dont receive any think in a switch console when a activate a debug command (like any information that send to switch).
Can u please help me to resolve that issue?
04-29-2020 07:58 PM
04-30-2020 04:47 AM
Hi,
Thank u for your reply.
You’ll find attached supplicant configuration.
Switch port configuration :
switchport mode access
duplex auto
authentication host-mode multi-auth
authentication port-control auto
mab
dot1x pae authenticator
spanning-tree portfast
Thank you.
04-30-2020 05:27 AM
hi,
I add the logs that i received in switch :
*Apr 30 12:26:10.759: %DOT1X-5-FAIL: Authentication failed for client (Unknown MAC) on Interface Et0/1 AuditSessionID 0A010202000000020030647C
*Apr 30 12:26:10.759: %AUTHMGR-7-RESULT: Authentication result 'no-response' from 'dot1x' for client (Unknown MAC) on Interface Et0/1 AuditSessionID 0A010202000000020030647C
*Apr 30 12:26:10.759: %AUTHMGR-7-FAILOVER: Failing over from 'dot1x' for client (Unknown MAC) on Interface Et0/1 AuditSessionID 0A010202000000020030647C
*Apr 30 12:26:10.759: %AUTHMGR-7-NOMOREMETHODS: Exhausted all authentication methods for client (Unknown MAC) on Interface Et0/1 AuditSessionID 0A010202000000020030647C
Switch(config-if)#
*Apr 30 12:26:10.759: %AUTHMGR-5-FAIL: Authorization failed for client (Unknown MAC) on Interface Et0/1 AuditSessionID 0A010202000000020030647C
04-30-2020 06:27 AM
04-30-2020 12:07 PM
thank's for your answer.
However i tested with tweak setting but i had the same behavior(don't work).
My end goal is to authenticate user and computer.
I tried to test with network card just to assume that all work correctly.
Thank's
04-30-2020 07:26 PM
04-30-2020 07:31 PM
04-30-2020 07:43 PM
Hi,
Thank u to find attached show version and show tech.
When i delete radius configuration in the port switch and i ping switch from pc it can learn mac address.But when i configure radius in port i can't ping switch, i can't autenticate PC and i can't learn mac adresse.
Thank you.
04-30-2020 08:24 PM
04-30-2020 08:38 PM
04-30-2020 08:44 PM
11-08-2020 01:18 AM
Try To Remove check under Verify servers to validate the EAP certificate if you are not using certificate-based authentication.
Please Rate if it helpful for you
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide