09-25-2018 12:30 AM - edited 03-08-2019 04:14 PM
Hi there!
I have configured 802.1x configuration with VLAN assigment. Its working very well for domain (known) devices. But I have some difficulties with unknown devices (laptops) which are not a part of our network. There is vlan99 which is created for guests with internet access only. NPS runs on win2k8 - RADIUS. The port ist configured like this:
interface GigabitEthernet2/0/16
description z P2-23
switchport access vlan 99
switchport mode access
switchport nonegotiate
switchport port-security maximum 3
switchport port-security aging type inactivity
ip arp inspection limit rate 200
srr-queue bandwidth share 1 30 35 5
priority-queue out
authentication open
authentication port-control auto
mls qos trust cos
dot1x pae authenticator
dot1x timeout tx-period 5
dot1x max-reauth-req 3
auto qos trust
spanning-tree portfast
spanning-tree bpduguard enable
ip verify source
ip dhcp snooping limit rate 25
end
so afted this configuration I was expected that port is configured into vlan 99 with no port-security (have some reasons), AUTHENTICATION open which I tought if authentication fails, that device connected to that port will have access of vlan99, authen port-controll auto (if devices is know[part of domain]) will be assined into particular vlan. The problem is that unknown device getting authenticated over and over. pls correct me if I am wrong and try to help me, with configuration.
Solved! Go to Solution.
09-25-2018 01:03 AM
Hello,
off the top of my head, I think you have to configure a fallback VLAN:
interface GigabitEthernet2/0/16
authentication event fail action authorize vlan 99
09-25-2018 01:03 AM
Hello,
off the top of my head, I think you have to configure a fallback VLAN:
interface GigabitEthernet2/0/16
authentication event fail action authorize vlan 99
09-25-2018 01:11 AM
09-25-2018 02:34 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide