Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1519
Views
0
Helpful
1
Replies

CISCO 3650 dot1x radius freeradius configuration port

johnblack2045
Level 1
Level 1

‎08-14-2020 10:37 AM

hello

i would like you help to understand how should i configure my switch  3650 and understand

 

-i have a freeradius that can assign a single vlan 2 

 

-my switch configuration :


vtp mode transparent
vlan 400
name LAN_RH
vlan 401
name LAN_DEV
vlan 402
name LAN_MARKET

 

 

 


aaa authentication login AUTH1 group radius local
aaa authorization exec AUTH1 group radius local
aaa authorization network AUTH1 group radius local
aaa authentication dot1x AUTH1 group radius
aaa accounting dot1x AUTH1 start-stop group radius

 

 

interface GigabitEthernet1/0/1
switchport mode access
switchport access vlan 401
switchport nonegotiate
authentication port-control auto

dot1x pae both
authentication periodic

spanning-tree portfasictt disable
no shutdown

 

NO VLAN 2 EXIST ON SWITCH

 

Questions:

 

-I want my G1/0/1 to authenticate with dot1x radius without replacing vlan 401 by vlan 2 from freeradius assigment.

-Need VLAN 401 be defined too in my freeradius configuration ?

-Is my GI1/0/1 well configured ?

 

Best Regards

 

Labels:
0 Helpful
1 Reply 1

balaji.bandi
Hall of Fame
Hall of Fame

‎08-14-2020 11:12 AM

check below example (i have not tried) i only use free radius for admin access, but your requirement is different (for that we use ISE).

 

http://blog.manton.im/2017/11/implementing-8021x-with-cisco-2960-and.html

https://gist.github.com/z-afshar/cf662e17a0733a9768e0a510ed5d2a6f

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card