Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1372
Views
0
Helpful
3
Replies

802.1X and Hub Use

aalton
Level 1
Level 1

‎08-30-2005 03:53 PM - edited ‎03-02-2019 11:52 PM

I'm trying 802.1x in the lab. It works fine connected directly to the switch port. However, when I try to connect through a hub it won't authenticate properly.

The debug messages tell me the following:

Aug 30 16:19:19: dot1x-err:Dot1x is supportedonly on Access,Routed and private-vlan host modes.Trunk port being Authorized!! something went wrong

Aug 30 16:19:19: dot1x-err:Port wouldn't come up. Failing authorization.

But the interface is an access port:

switch#sh run int fa0/5

Building configuration...

Current configuration : 136 bytes

!

interface FastEthernet0/5

switchport mode access

dot1x port-control auto

dot1x host-mode multi-host

spanning-tree portfast

end

Here is what I'm running:

switch#sh ver

Cisco IOS Software, C3550 Software (C3550-IPBASEK9-M), Version 12.2(25)SEB, RELEASE SOFTWARE (fc1)

Why would it think I'm running a trunk port? Is this some defensive mechanism to stop bypassing of 802.1x controls? If so, how can I get it to work with hubs without turning off 802.1x on that port?

Allan

Labels:
0 Helpful
3 Replies 3

ybajpai
Level 1
Level 1

‎08-30-2005 09:38 PM

how does your complete config looks like? do you have "aaa authentication dot1x default group radius" configured?

Can you test and see if you see this issue for win2k or non-Microsoft clients as well?

0 Helpful

aalton
Level 1
Level 1
In response to ybajpai

‎08-31-2005 08:04 AM

The config is a red herring but yes the RADIUS server is configured properly. Remember, this works just fine when you plug in the PC directly.

The issue at hand is the meaning of the debug messages. Why would they appear when connecting through a hub?

0 Helpful

aalton
Level 1
Level 1
In response to aalton

‎09-02-2005 12:12 PM

I have new information that may be of value for those who might run into this situation.

The problem I was having is somehow related to the hub I was using (Netgear DS104). I tried another hub of the same model and it too wouldn't allow connection. Yet when I use a 3Com hub everything works as I would expect it to. There may be some compatability issue with the Netgear hub that I'm not aware of and don't have time to research. Perhaps those layer 1 experts out there have some insight.

0 Helpful
Customers Also Viewed These Support Documents
Top