01-17-2012 02:55 PM - edited 03-07-2019 04:24 AM
dear all
quick question,
I plan to implement aaa dot 1x port control on my network. What will happen if I configure the ports to dot1x port control auto before I add the server, will they not work? what should I set them to if adding a server at a later date?
cheers
Carl
01-17-2012 03:37 PM
Carl,
This command just enables 802.1X authentication on the interface and causes the port to transition to the authorized or unauthorized state based on the 802.1X authentication exchange between the switch and the client. You can add a server to the port or disable 1X and add a server. This command can not be configured on a trunk port.
here is the doc for more info:
HTH
01-18-2012 01:21 AM
hi there
I mean what setting on the port will I need to to if I wish to add the aaa radius server at a later date ?
01-18-2012 01:44 AM
I think that is force-authorize. It will stay open then no matter what.
Then, after you add the server commands, change it to auto
01-18-2012 01:59 AM
Hi There
I have some practice questions on this and one of the words says
that the Radius server and application servers will be installed at a future date. You have been tasked with implementing the above access control as a pre-condition to installing the servers.
so to me this would mean that I should use the command force authorized?? as if the servers arent there surely it wont authenticate without them when using the auto command?
what do you think about this ?
01-18-2012 02:06 AM
Hi,
i was thinking that if there isn t a radius server to talk to yet, no auth packets can be sent, so no authentication can happen.
To force the port to stay open (cause no auth is possible yet) force auth is used.
But it could be i misunderstood your question? (dutch speaker here )
01-18-2012 06:09 AM
can anyone help on this ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide