About andrewjacobs

andrewjacobs · 08-09-2006

I'd like to use the downloadable ACL feature with a cut-through proxy, but instead of using a username/password I'd like the client to be authenticated to the ACS via the PIX using a smartcard certificate.Is this possible?

andrewjacobs · 08-01-2006

Does anyone know if using NAC L2 802.1x supports authenticating all clients on one port? Or is it similar Cisco's standard 802.1x support where after one device authenticates on a port, all are allowed access?Thanks for the help. I can't seem to fi...

andrewjacobs · 07-14-2006

Does any version of the IOS include a DNS server? To make a long story short, I just need one record to be resolved on a non-routed subnet and am hoping I have can have a router act as a DNS server.

user auth fails using 802.1x (EAP-TLS) · 06-21-2006

I'm currently testing 802.1x machine and user authentication using EAP-TLS. Right now I'm testing them separately, and machine auth works great, but user auth doesn't.Here's what I'm using:Smart Cards ->Built-in Microsoft XP supplicant ->Catalyst 400...

andrewjacobs · 08-14-2006

Essentially, you create a voice VLAN on your access port (the port where your phone plugs in), enable dot1x on it, plug your phone in and that's it. The phone sends a CDP packet to the switch identifying itself as a Cisco IP phone. The switch then ...

andrewjacobs · 08-01-2006

I did the tests with a 3750 and a 2950 and neither of them allowed access on the voice VLAN before 802.1x authentication succeeded. Looks like what I was seeing earlier was just a bug in the IOS on the 4006.But now the question is, what do people do...

andrewjacobs · 07-29-2006

Catalyst 4006 with a Supervisor III and IOS 12.2(25)EWA (the latest greatest)I plan on testing this on a 3550 to see if it is a bug with the 4006 or deliberate behavior. I'll let you know what I find.

andrewjacobs · 07-28-2006

I found my answer. The problem was with the Microsoft supplicant. It wasn't prompting me to type in the PIN to unlock the smart card, so it couldn't read the certificate and thus the EAP process was timing out.In order for the Windows supplicant to...

andrewjacobs · 07-28-2006

I'm researching implementing 802.1x with a Cisco switch (4006 with a Sup III and IOS 12.2(25)EWA) and Nortel wired IP phones (1140E's). I found a solution that seems to work, although I'm not sure if it's a bug or desired behavior on the switch's pa...

Member Since	‎05-24-2006 11:25 AM
Date Last Visited	‎08-18-2017 03:55 AM
Posts	9

User Statistics

User Activity

cut-through proxy w/ downloadable ACLs using smartcards?

NAC L2 802.1x supports multiple hosts per port?

DNS Server in IOS?

user auth fails using 802.1x (EAP-TLS)

Re: 802.1x help

Re: Will NAC work with non-Cisco IP phones & the devices behind

Re: Will NAC work with non-Cisco IP phones & the devices behind

Re: user auth fails using 802.1x (EAP-TLS)

Re: Will NAC work with non-Cisco IP phones & the devices behind