Showing results for 
Search instead for 
Did you mean: 


Hi, just to mention: I tested 802.1X fallback method WebAuth successfully on a Catalyst 3750, 12.2(55)SE3, while using Microsoft NPS Windows Server 2008R2 as the RADIUS-Server. You can step straight forward, but be careful when it comes to configuring dACL's in NPS: You have to enter these lines in the attribute values box (Cisco-AV-Pair):


auth-proxy:proxyacl#1=permit .....

auth-proxy:proxyacl#2=deny .....

(you may ommit leading "auth-proxy:", it did  work in my configuration). The important thing is that you cannot use "ip:inacl#1", but must use "proxyacl#1". I know that this is well-documented in 3750 manuals, but there are several articles on the web that explain NPS configuration with "ip:inacl#", which is wrong in the WebAuth context.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links