From: Alex Steer (alex.steer@eison.co.uk)
Date: Sat Nov 10 2007 - 14:26:36 ART
Right ok, I've lost it!
I've had to walk all the way over to the switch (3 metres at least) and
plug my pc in and try it again....
Your absolutely right under the right circumstances (whatever kind of an
excuse that is ) It works first time no problems what so ever. I even
managed to join the dns domain "youdirtyboy!" and join a guest vlan,
though not at the same time unfortunately.
I hope your both happy! I feel belittled and am going to spend the rest
of the time that I should be studying thinking about how I can pay
William gates back for this insult!!! Have I gone too far? ;-)
To be fair windows was trying to distract me with it's little flashing
computers in the corner and saying abusive things to me like "validating
identity", the cheek. I actually did already have an address and could
ping "stuff"
So your both right and I'm both wrong J
Next question then. Without setting up radius, can I do local
authentication on the switch? If so, what do I need to trick
(configure) windows into doing? What the username/password/ "DOMAIN"
Bit all about?
Cheers guys
Alex
From: Tarun Pahuja [mailto:pahujat@gmail.com]
Sent: 10 November 2007 16:30
To: Alex Steer
Subject: Re: dot1x unauthorised mode
Make sure it gets an ipaddress and you should not have a problem pinging
the default gateway if dot1x authorizes you in the right vlan.
Thanks,
Tarun
On Nov 10, 2007 10:54 AM, Alex Steer <alex.steer@eison.co.uk> wrote:
Did that
From: Tarun Pahuja [mailto:pahujat@gmail.com]
Sent: 10 November 2007 15:14
To: Alex Steer
Subject: Re: dot1x unauthorised mode
You would have to configure DHCP scope for that vlan, so that the
machine can get an IPAddress after being authorized.
Thanks,
Tarun
On Nov 10, 2007 6:39 AM, Alex Steer <alex.steer@eison.co.uk> wrote:
Hi Tarun,
I was using local authentication on the switch but was really referring
to a local dirty vlan for unauthorised clients. The XP machine doesn't
want to work when it knows it has been authorised
From: Tarun Pahuja [mailto:pahujat@gmail.com]
Sent: 09 November 2007 18:21
To: Alex Steer
Cc: Sadiq Yakasai; Joseph Brunner; Joseph Saad; Mohamed Radwan; ash
tech; ccielab@groupstudy.com
Subject: Re: dot1x unauthorised mode
Alex,
Please make sure that you have configured windows XP,Switch and
the ACS correctly. They need to be working correctly for Dot1x to work.
Please follow the link to ensure that you have configured everything
correctly.
http://www.netcraftsmen.net/welcher/papers/dot1x-deploy.html
HTH,
Tarun
On Nov 9, 2007 12:35 PM, Alex Steer <alex.steer@eison.co.uk> wrote:
I've tried this but an XP machine knows it's been "naughty" and wont
send traffic without authorisation. (at least when I've tried it)
Anyone have a different experience?
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Sadiq Yakasai
Sent: 09 November 2007 15:53
To: Joseph Brunner
Cc: Joseph Saad; Mohamed Radwan; Tarun Pahuja; ash tech;
ccielab@groupstudy.com
Subject: Re: dot1x unauthorised mode
Hi Mohammed,
See the link below:
http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/relea
se/12.2_25_see/configuration/guide/sw8021x.html
<http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/rele
ase/12.2_25_see/configuration/guide/sw8021x.html>
HTH
This archive was generated by hypermail 2.1.4 : Sat Dec 01 2007 - 06:37:29 ART