Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,Is there a way of configuring a port to be untrusted with Catalyst 4507 Sup 6? I understand that the default behavior is to trust. Or is the only option to create a policy-map on each switch port and configure a default class-map which set DSCP va...
Hi,I have 802.1x and MAB configured. I added a second ACS server and added the definition on the switch.My issue is that the ACS works fine when it is configured as the primary option in the switch. But when it is configured as the backup and I force...
Hi,I have successfully configured my switch for 802.1x with mmulti-domain. The IP Phone and workstation gets assigned to ther respective VLANS. My issue is when I connect a sepearet hub to a switch port with multiple workstations connected to the hub...
Hi,I have PEAP-MSCHAPv2 working with user name, but can't seem to get "machine authentication only" working. I need to logon to the domain using username and password before it is 802.1x authenticated. I want 802.1x to authenticate using only machine...
Hi,I am unable to get my Cisco IP Phone to authenticate using MAB on ACS5.2. The phone is not being allocated to the Voice vlan, and hence not getting IP address from DHCP. My switch port config below:interface FastEthernet1/0/10 switchport access vl...
Hi Tiago,I was issuing application stop acs command and/or a reload on the server that I want to simulate a failure.Attached is the configuration of the switch and the two radius debug logs. Both ACS only works fine when it is defined as the primary ...
Thanks Tiago,So does this mean that I am unable to have multiple devices connected to a single switch port if I want to use a generic IP Phone switch port configuration.Is the port-security maximum command applicable?Thanks
Hi Tiago,Thanks for your reply. Some more questions.>If I ignore device type 2, and only consider device type 1, am I able to simply configure>802.1x for authentication based on machine against AD, without having to use any >certificates at all?>[Ans...
Hi,It is a 2811 running 12.5(15)T5. The CUCM is showing the registered gateway address as the loopback1 address, but the firewall is seeing serial ip address for the MGCP communications.The gateway was rebooted after the issue was first identified, b...
