09-30-2003 09:59 AM - edited 03-02-2019 10:41 AM
I have already set my network up with 6509 (Core switch) and 4506 and 3750 as access switches. VLANs Load Balancing are also configured between EtherChannel links. Now Management requires to adopt 802.1X technology to secure VLANS since they want each user to be authenticated by Cisco ACS server. What configuration I will need for my switches in order to configure 802.1X and VLANS by Users by keeping the same network design?
I am little confused because some articles show that it will require to configure VLANs by User-ID. I already have my VLANS configured by ports (between the switches), and hoping that would not require any changes. All I can think of that the ports belong to Workstations may need to setup as VLANs by User ID, not by ports.
10-06-2003 08:21 AM
I guess Vlans configured by ports should work...
10-06-2003 09:41 AM
you leave the vlans assigned to a "default" or "unsecured" vlan, the turn on do1x auth on the ports and clients then vlans are dynamically assigned via acs according to user id. Note, "default" or "unsecured" vlan needs to be able to reach login servers and depending on logon method may have to use certificates on machines
10-06-2003 11:10 AM
Thanks mschooley ! quick question what about the ports between the switches (Trunk Ports). I have configured EtherChannel with Redundant Links. Do I have to worry about those ports. I think not because I believe only host ports need to be configured with 802.1x.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide