From: Mohamed Radwan (abobakr.mohamed@gmail.com)
Date: Fri Nov 09 2007 - 11:23:02 ART
Hi Tarun, All,
I think the command
Switch(config-if)# dot1x auth-fail vlan 2
is not supported in 3550, can any one confirm this ?
Best Regards,
Mohamed
On 11/9/07, Tarun Pahuja <pahujat@gmail.com> wrote:
>
> Ashu,
> If you want Dot1x to do its job, you would have to put the port in
> "dot1x port-control Auto" mode. You have to use Radius to communicate with
> the authentication server, IETF Radius has unique attributes that
> facilitate
> Dot1x proper functioning. In an even the client fails the authentication
> process, you can always configure a Auth-fail Vlan for the client to fall
> into.
>
> Switch(config-if)# dot1x auth-fail vlan 2
> In this configuration the client would be put in vlan 2 if it fails the
> authentication process.
>
> HTH,
> Tarun
>
>
>
>
> On Nov 9, 2007 7:41 AM, ash tech <sordaf47@yahoo.com> wrote:
>
> > Hi all,
> >
> > I have a confusion in dot1x.
> >
> > If I am asked that the interface will be in unauthorised mode in
> beginning
> > and if the client fails authentication, it should escape to certain
> vlan.
> >
> > Do I need to configure the command?
> >
> > dot1x port-control force-unauthorized
> >
> > When should I configure a radius server??
> >
> > Ashu
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Tired of spam? Yahoo! Mail has the best spam protection around
> > http://mail.yahoo.com
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Sat Dec 01 2007 - 06:37:29 ART