Re: 802.1x Interpretation

From: Noel Debouver III (noeldebouveriii@yahoo.com)
Date: Sat Jan 06 2007 - 14:06:24 ART

• Next message: Edison Ortiz: "Re: EIGRP hop count"
• Previous message: Bit Gossip: "RE: EIGRP hop count"
• Maybe in reply to: Noel Debouver III: "802.1x Interpretation"
• Next in thread: Michy Eika: "Re: 802.1x Interpretation"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

http://www.cisco.com/application/pdf/en/us/guest/products/ps5619/c1262/cdccon
t_0900aecd800ce53b.pdf

This is what I am referring to.

Listen if it on
Cisco's Website it is not the lab exam.

People keep asking me where I get my
questions from.

Go to the source www.cisco.com

----- Original Message ----
From: Noel Debouver III <noeldebouveriii@yahoo.com>
To: Ivan <ivan@iip.net>;
ccielab@groupstudy.com
Sent: Friday, January 5, 2007 7:34:34 PM
Subject: Re:
802.1x Interpretation

Yes, I did not include my local user database
information. Part of the
scenario involves defining 2 users and with
different access levels. My
example config came from a Cisco NAC document
from Cisco.com.

-----
Original Message ----
From: Ivan <ivan@iip.net>
To:
ccielab@groupstudy.com;
Noel Debouver III <noeldebouveriii@yahoo.com>
Sent:
Friday, January 5, 2007
6:20:11 PM
Subject: Re: 802.1x Interpretation

Think
that you missed up about
failed authorization. Failed authorization and
client dont have dot1x support
is differ each other.
dot1x auth-fail vlan 55 -
for client wich failed auth
proccess
dot1x guest vlan 11 - for client wich not
dot1x-capable

also you
don't allowed using auth server.
May be need
something like this
aaa
authentication login def local
aaa authorization netw
def if-auth

On Saturday
06 January 2007 02:00, Noel Debouver III wrote:
>
Configure F0/1 for
authorization clients with dot1x. Interface must be in
>
unauthorized mode.
If client is failed authorization, then he must be in
>
VLAN_55
> Users don"t
have dot1x also must be in VLAN_11 NOTE: you are not
>
allowed to configure
aaa authentication server for this task.
>
> I'm
thinking:
> dot1x
system-auth-control
> dot1 guest-vlan supplicant
>
> aaa
new-model
> aaa
>
authentication login default none
> aaa authentication dot1x
default group
>
radius
>
> int F0/1
> dot1x port control auto
> dot1x
guest-vlan 11
>
>
> What
I am
> asking is would you interpret the question the
same way? Why or why
not?
> Would you configure it differently, why or why
not?
>
> Your help would
be
> appreciated.
>
>

• Next message: Edison Ortiz: "Re: EIGRP hop count"
• Previous message: Bit Gossip: "RE: EIGRP hop count"
• Maybe in reply to: Noel Debouver III: "802.1x Interpretation"
• Next in thread: Michy Eika: "Re: 802.1x Interpretation"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Feb 08 2007 - 23:46:55 ART