From: Tom Rogers (cccie71@yahoo.com)
Date: Sun Jun 13 2004 - 19:12:30 GMT-3
1) Dont configure radius server, it will not be found and next option will be taken.
2) Which ever is the last command router will take that
Dont forget to configure you siwtcport for dot1x
Nancy Khln <nancy_merill@yahoo.com> wrote:
Hi,
I am trying to authenticate a PC against a RADIUS authentication server, without configuring an IP address for the RADIUS server. The PC is connected to a 3550. When the PC first connects to the 3550, it begins in an unauthorized state which allows only the authentication packets to flow between the PC and the authenticator...after I enabled aaa, I created an authentication list
a)Switch(config)# aaa authentication dot1x default group radius none ------<-------contacts the server, if the server doesn't respond it will allow the user with no authentication
bSwitch(config)#aaa authentication dot1x default local none---------<-----use no authentication
Two questions:
1)The doc CD specifies that if we use a group radius, we must configure a RADIUS server by using the radius-server host command which requires an IP address...how can I meet the requirements without an IP address nor DNS.
2)Does it matter the order in which these commands are entered...in other words if I'd entered b before a, does it mean that the switch will never forward these packets to a server?
Anyone can clarify this ? Thanks a lot
---------------------------------
Do you Yahoo!?
Friends. Fun. Try the all-new Yahoo! Messenger
---------------------------------
Do you Yahoo!?
Friends. Fun. Try the all-new Yahoo! Messenger
This archive was generated by hypermail 2.1.4 : Sat Jul 03 2004 - 19:40:40 GMT-3