Buy or Renew
Buy or Renew
Cisco + Splunk: Itā€™s a new day for your data. Learn more.
Ā 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
188
Views
0
Helpful
2
Replies

Cisco 8200 router dot1x and mab configuration prompting an warning

Dinesh DG
Level 1
Level 1

ā€Ž05-02-2024 04:35 AM

Hi All,

we are having a cisco 8200 router running 17.09.04a and we want to configure dot1.x and mab configuration in the celular interface.

I have followed the below guide in configuring 

Cisco Catalyst 8300 and Catalyst 8200 Series Edge Platforms Software Configuration Guide

when I try to configure class-map I am getting the following warning.

router(config)# class-map type control subscriber match-all AAA_SVR_DOWN_AUTHD_HOST

This operation will permanently convert all relevant authentication commands to their CPL control-policy equivalents. As this conversion is irreversible and will disable the conversion CLI 'authentication display [legacy|new-style]', you are strongly advised to back up your current configuration before proceeding. 
Do you wish to continue? [yes]:

May I know what kind of a irreversible impact this will have. Do I have to write erase the router if this configuration doesn't works and needs to change it in another methond ?

 

Appreciate you advise on this.

 

Dinesh

 

 

Labels:
0 Helpful
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

ā€Ž05-02-2024 04:53 AM

i would like to know the requirement here :

we are having a cisco 8200 router running 17.09.04a and we want to configure dot1.x and mab configuration in the celular interface.

May be correct me if i understanding wrong here - cellular interface connect to the provider network ?

why do you want to be 802.1x or MAB authentication on this interface ?

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Dinesh DG
Level 1
Level 1
In response to balaji.bandi

ā€Ž05-02-2024 05:00 PM

Hi Balaji,

Thank you for getting back, sorry for my mistake in explanation.

our plan is to migrate the configuration from the existing cisco 1921 to new 8200 router.

we have an interface configuration in existing 1900 router where it has following dot1.x configuration.

 

Router#show run interface gigabitEthernet 0/1/1
!
interface GigabitEthernet0/1/1
description user
switchport access vlan 510
no ip address
authentication control-direction in
authentication event fail action next-method
authentication event server dead action reinitialize vlan 510
authentication event server alive action reinitialize
authentication host-mode multi-auth
authentication order dot1x mab
authentication priority dot1x mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
mab
dot1x pae authenticator
dot1x timeout quiet-period 10
dot1x timeout tx-period 10
storm-control broadcast level 20.00 10.00
storm-control multicast level 10.00 5.00
spanning-tree portfast
end

Router#

 

But when configuring 8200 , it is not acceppting authentication and dot1x commands. Hence we have used the above shared document in my previous post.

so when we follow that method , the warning in the previous thread appears. 

hope I have given better clarification this time.

appreciate your help

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card