Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3308
Views
0
Helpful
3
Replies

802.1X port management via SNMP

Go to solution
vladyslaw
Level 1
Level 1

‎10-06-2015 05:49 AM

Hello,

Could somebody tell me the way to disable 802.1X for the specific port via snmp command?

i.e, I can do it from the cli "no  authentication port-control auto". But I need this to be done in more 'scriptable' form.

as we can disable/enable port like this:

SET ON(1)/OFF(2) per interface ID
snmpset -v2c -c private switch.host.name 1.3.6.1.2.1.2.2.1.7.10102 i 2

I've tried to browse the CISCO-PAE-MIB and didn't find the solution... 

Any links or idea?

 

Thank you.

PS Catalyst 2960S Series...

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rolf Fischer
Level 9
Level 9

‎10-07-2015 01:07 PM

Hi,

not sure if it will work but you could try to set dot1xAuthAuthControlledPortControl to the default value (3:forceAuthorized):

snmpset -v2c -c private switch.host.name 1.0.8802.1.1.1.1.2.1.1.6.<port-index> i 3

(Note that the Cisco Object Navigator showes an incorrect OID.)

 

HTH

Rolf

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Rolf Fischer
Level 9
Level 9

‎10-07-2015 01:07 PM

Hi,

not sure if it will work but you could try to set dot1xAuthAuthControlledPortControl to the default value (3:forceAuthorized):

snmpset -v2c -c private switch.host.name 1.0.8802.1.1.1.1.2.1.1.6.<port-index> i 3

(Note that the Cisco Object Navigator showes an incorrect OID.)

 

HTH

Rolf

0 Helpful

Go to solution
Rolf Fischer
Level 9
Level 9
In response to Rolf Fischer

‎10-08-2015 01:32 AM

Looks very promising:

ifName.10003 = Fa0/3

switch#show run int fa0/3 | i auth
 authentication host-mode multi-auth
 authentication port-control auto
 authentication timer restart 300
 authentication timer inactivity server

snmpset -v2c -c XXX switch.host.name 1.0.8802.1.1.1.1.2.1.1.6.10003 i 3

switch#show run int fa0/3 | i auth
 authentication host-mode multi-auth
 authentication timer restart 300
 authentication timer inactivity server

snmpset -v2c -c XXX switch.host.name 1.0.8802.1.1.1.1.2.1.1.6.10003 i 2

switch#show run int fa0/3 | i auth
 authentication host-mode multi-auth
 authentication port-control auto
 authentication timer restart 300
 authentication timer inactivity server

 

HTH

Rolf

0 Helpful

Go to solution
vladyslaw
Level 1
Level 1
In response to Rolf Fischer

‎10-20-2015 01:04 AM

Yes, that's exactly what I need! Thank you for the help, Rolf!

Never thought it is possible to mess out with incorrect oids' digits!

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card