Ah I see, I misunderstood. Thanks :)
On Sat, Oct 17, 2009 at 8:09 PM, ALL From_NJ <all.from.nj_at_gmail.com> wrote:
> Thanks Scott and Bryan.
>
> Bryan - yes I did. Check the link out ... most of the commands change
> after 12.2(50). No fun ... I should have stayed at an earlier version.
>
> Like Scott said, the docs are good. Also, in the past, I have found the
> docs to be pretty good WRT dot1x; actually all the switching docs are good.
> If you do not know the commands, you can follow the dot1x documentation
> pretty closely and it will walk you through. At least this has been my
> experience ...
>
> Many thanks guys, team,
>
> Andrew
>
> PS - looking forward to some reports and happy emails from takers of the
> new version! ;-)
>
>
>
> On Sat, Oct 17, 2009 at 10:39 PM, Bryan Bartik <bbartik_at_ipexpert.com>wrote:
>
>> Andrew,
>>
>> Did you configure the ports as access ports with "switchport mode access."
>> Depending on what version/model you have this may be necessary. Example:
>>
>> 3560 w/ 12.2(25) - Dot1x commands are not available until port is
>> configured as an access port.
>>
>> Cat2(config)#int f0/13
>> Cat2(config-if)#dot1x ?
>> % Unrecognized command
>>
>> Cat2(config-if)#swi mo ac
>> Cat2(config-if)#dot1x
>> Cat2(config-if)#dot1x ?
>> auth-fail Configure Authentication Fail values for this port
>> control-direction Set the control-direction on the interface
>> critical Enable 802.1x Critical Authentication
>> default Configure Dot1x with default values for this port
>> guest-vlan Configure Guest-vlan on this interface
>> host-mode Set the Host mode for 802.1x on this interface
>> max-reauth-req Max No.of Reauthentication Attempts
>> max-req Max No.of Retries
>> pae Set 802.1x interface pae type
>> port-control set the port-control value
>> reauthentication Enable or Disable Reauthentication for this port
>> timeout Various Timeouts
>>
>>
>> 3550 w/ 12.2(25) - Dot1x commands available without making port an access
>> port.
>>
>> Cat1#sho run int f0/13
>> Building configuration...
>>
>> Current configuration : 95 bytes
>> !
>> interface FastEthernet0/13
>> switchport mode dynamic desirable
>> spanning-tree guard root
>> end
>>
>> Cat1#conf t
>> Enter configuration commands, one per line. End with CNTL/Z.
>> Cat1(config)#int f0/13
>> Cat1(config-if)#dot1x ?
>> auth-fail Configure Authentication Fail values for this port
>> control-direction set the control-direction value
>> default Configure Dot1x with default values for this port
>> guest-vlan Configure Guest-vlan on this interface
>> host-mode Set the Host mode for 802.1x on this interface
>> max-reauth-req Max No. of Retries to supplicant
>> max-req Max No. of Retries to supplicant for EAP-Request
>> frames of
>> types other than EAP-Request/Identity
>> port-control set the port-control value
>> reauthentication Enable or Disable Reauthentication for this port
>> timeout Various Timeouts
>>
>> -hth
>>
>>
>> On Sat, Oct 17, 2009 at 6:46 PM, ALL From_NJ <all.from.nj_at_gmail.com>wrote:
>>
>>> Interesting discussion for sure ...
>>>
>>> I was working on some labs, and the labs had me configure some dot1x
>>> stuff.
>>> After I was pulling my hair out I decided to look over the solutions and
>>> what do you know .. these commands do not exist on my switch.
>>>
>>> If anyone hears of anything, please pass it on.
>>>
>>> Think I should learn both new and old commands? Please say no ... ;-)
>>>
>>> Andrew
>>>
>>>
>>>
>>>
>>> On Sat, Oct 17, 2009 at 9:01 PM, Marko Milivojevic <markom_at_markom.info
>>> >wrote:
>>>
>>> > On Sun, Oct 18, 2009 at 00:59, Joe Astorino <jastorino_at_ipexpert.com>
>>> > wrote:
>>> > > Where else would they put the information on switching though I
>>> wonder?
>>> > I
>>> > > understand things are moving more to the virtual environment, at
>>> least
>>> > for
>>> > > troubleshooting but lets face it, switching is still a big big part
>>> of
>>> > > things.
>>> >
>>> > I remember few years back it wasn't, actually. It was just called R&S,
>>> > but it was truly R exam.
>>> >
>>> > If they indeed change the number of switches to one, it would be back
>>> > to being pointless. Unless, of course, they don't come up with some
>>> > sort of a "data center" track and combine switching and storage there.
>>> > It may actually make some sense.
>>> >
>>> > --
>>> > Marko
>>> > CCIE #18427 (SP)
>>> > My network blog: http://cisco.markom.info/
>>> >
>>>
>>>
>>>
>>> --
>>> Andrew Lee Lissitz
>>> all.from.nj_at_gmail.com
>>>
>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>> --
>> Bryan Bartik
>> CCIE #23707 (R&S), CCNP
>> Sr. Support Engineer - IPexpert, Inc.
>> URL: http://www.IPexpert.com
>>
>
>
>
> --
> Andrew Lee Lissitz
> all.from.nj_at_gmail.com
>
-- Bryan Bartik CCIE #23707 (R&S), CCNP Sr. Support Engineer - IPexpert, Inc. URL: http://www.IPexpert.com Blogs and organic groups at http://www.ccie.netReceived on Sat Oct 17 2009 - 20:21:31 ART
This archive was generated by hypermail 2.2.0 : Sun Nov 01 2009 - 07:51:00 ART