Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
269
Views
0
Helpful
4
Replies

802.1x Authentication Fails on GB Switch but Works on Fast Ethernet Switch

james_fisk
Level 1
Level 1

‎01-14-2016 11:38 AM - edited ‎03-08-2019 03:24 AM

Hello,

This is my first post. We have fa and gi switches. 802.1x authentication works great on a fast Ethernet C2960 with firmware 12.2(55) SE. But clients fail to authenticate on a C3750 with firmware 12.2 (55)SE. The client PC has a GPO to enable the proper local configuration. A test notebook authenticates when connected to a the C2960 but fails on the C3750. I am wondering if there is an additional or different command required to configure a Gi switch. I would assume not because they are running the same firmware but the only difference is the hardware. I used command dot1x port-control auto to enable.

Thank you,

Jim

Labels:
0 Helpful
4 Replies 4

austinmbailey1
Level 1
Level 1

‎01-15-2016 06:29 AM

What commands are you running on the access ports?

On my Gigabit switches, we run the following commands:

dot1x max-req 3

dot1x max-reauth-req 3

authentication port-control autoauthentication timer reauthenticate 3600 (this is one hour, which should be default)

-Austin

0 Helpful

james_fisk
Level 1
Level 1
In response to austinmbailey1

‎01-15-2016 08:14 AM

Austin,

Thank you for your response. The port is question has the following configuration....


switchport access vlan xx

switchport mode access

dot1x port-control auto

dot1x pae authenicator

spanning-tree portfast

 

0 Helpful

austinmbailey1
Level 1
Level 1
In response to james_fisk

‎01-15-2016 08:59 AM

Try adding the following to access ports:

dot1x max-req 3

dot1x max-reauth-req 3

dot1x reauthentication

Do you have all of your radius commands set up the same as the other switch?

0 Helpful

Glenn Martin
Cisco Employee
Cisco Employee

‎01-15-2016 11:13 AM

moving post to the Network Infrastructure>Lan Switching Community. 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card