Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
478
Views
1
Helpful
3
Replies

WS-C2960s Port-based with radius 802.1x

Go to solution
gboliveira
Level 1
Level 1

‎09-12-2023 01:59 PM

Hello Team

I'am trying to apply the port-based configuration with Radius NPS on Windows Server and not luck yet...
I've seen some guides and everything seems to be ok, anyway, not able to authenticate...

Going to show part of my config:

aaa new-model

aaa group server radius port-based
   server name GOLDSRVDC02

dot1x system-auth-control

interface GigabitEthernet1/0/13
  switchport access vlan 10
  switchport mode access
  authentication port-control auto
  dot1x pae authenticator
  spanning-tree portfast

radius server GOLDSRVDC02
   address ipv4 10.10.30.24 auth-port 1812 acct-port 1813
   key mactest123

Going to attach logs from this switch:

I've tried also collect logs from NPS but couldn't find anything

Perhaps you guys could help me =D 

Labels:
Preview file
4 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎09-12-2023 03:00 PM

how is the client authentication side setup ? and what client is this ?

check below config suggestion on NPS

https://integratingit.wordpress.com/2011/11/17/configuring-cisco-switch-dot1x-authentication-with-windows-nps-radius/

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

3 Replies 3

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎09-12-2023 03:00 PM

how is the client authentication side setup ? and what client is this ?

check below config suggestion on NPS

https://integratingit.wordpress.com/2011/11/17/configuring-cisco-switch-dot1x-authentication-with-windows-nps-radius/

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
gboliveira
Level 1
Level 1

‎09-14-2023 11:52 AM

Hello Balaji, thanks for fast reply. 

We tried to run this configuration again, but not success yet. 

As per I see on EventViewer windows there is no logs related to dot1x solicitations. 

Going to try do it again, maybe on another server.

0 Helpful

Go to solution
gboliveira
Level 1
Level 1

‎09-15-2023 11:21 AM

We are able to fix this problem on dot1x auth after change the requirements from "domain computers" to another group that was created and assigned for users. A Microsoft guy helped me with this troubleshoot and we made it. Next step it to assign dynamic vlans for those authentications.

Best Regards,

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card