cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
835
Views
0
Helpful
4
Replies

DOT1X FAILURE

isaaco001
Level 3
Level 3

Hi all,

 

I have been struggling to find out why a test pc client can't authenticate with dot1x or mab. I have collected debug dot1x all and show run config file of the switch. Can anybody please assist in why client cant authenticate. when i do test aaa group radius xxxxx xxxx legacy on the switch all is well,but when i do it on client side it just fails.

 

Thank you all!

4 Replies 4

dot1x-ev:DOT1X Supplicant not enabled on FastEthernet0/3

 

Interface Fast0/3

 dot1x pae auth

 authentication port control auto

 authentication order mab dot1x

 authentication prio dot1x mab

 authentication host-mode multi-auth   (only in case if you on vmware workstation etc.)

 

 

 

please do not forget to rate.

Hi Sheraz,

 

Thanks for the prompt response! I will implement the recommended changes tomorrow. Please note that i was bouncing the interface at some point to force dot1x process and in this test i was just doing dot1x peap authentication only.i meant i had tried mab authentication separately but i didnt succeed.

 

Thanks once again!

 

Regards,

Isaac.

On top of what @Sheraz.Salim said, are you using Anyconnect or the built-in Windows native supplicant? If you are using the built in supplicant there are several things you need to configure to ensure that it works as expected.

hi Mike,

Thanks for the response. I basically followed the guides by enabling wiredautoconfig from services.msc and disabled certificate validation as required for dot1x without CA's.I will update you guys tomorrow when i implement the recommendations.

 

I really appreciate,thanks.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: