Re: Version of code for switches ... Dot1x

Unbelievable.

( *grin* )

On Sun, Oct 18, 2009 at 03:21, Bryan Bartik <bbartik_at_ipexpert.com> wrote:
> Ah I see, I misunderstood. Thanks :)
>
> On Sat, Oct 17, 2009 at 8:09 PM, ALL From_NJ <all.from.nj_at_gmail.com> wrote:
>>
>> Thanks Scott and Bryan.
>>
>> Bryan - yes I did.B Check the link out ... most of the commands change
>> after 12.2(50).B No fun ... I should have stayed at an earlier version.
>>
>> Like Scott said, the docs are good.B Also, in the past, I have found the
>> docs to be pretty good WRT dot1x; actually all the switching docs are good.
>> If you do not know the commands, you can follow the dot1x documentation
>> pretty closely and it will walk you through.B At least this has been my
>> experience ...
>>
>> Many thanks guys, team,
>>
>> Andrew
>>
>> PS - looking forward to some reports and happy emails from takers of the
>> new version! ;-)
>>
>>
>>
>> On Sat, Oct 17, 2009 at 10:39 PM, Bryan Bartik <bbartik_at_ipexpert.com>
>> wrote:
>>>
>>> Andrew,
>>>
>>> Did you configure the ports as access ports with "switchport mode
>>> access." Depending on what version/model you have this may be necessary.
>>> Example:
>>>
>>> 3560 w/ 12.2(25) - Dot1x commands are not available until port is
>>> configured as an access port.
>>>
>>> Cat2(config)#int f0/13
>>> Cat2(config-if)#dot1x ?
>>> % Unrecognized command
>>>
>>> Cat2(config-if)#swi mo ac
>>> Cat2(config-if)#dot1x
>>> Cat2(config-if)#dot1x ?
>>> B auth-failB B B B B B B B B Configure Authentication Fail values for this port
>>> B control-directionB Set the control-direction on the interface
>>> B criticalB B B B B B B B B B Enable 802.1x Critical Authentication
>>> B defaultB B B B B B B B B B B Configure Dot1x with default values for this port
>>> B guest-vlanB B B B B B B B Configure Guest-vlan on this interface
>>> B host-modeB B B B B B B B B Set the Host mode for 802.1x on this interface
>>> B max-reauth-reqB B B B Max No.of Reauthentication Attempts
>>> B max-reqB B B B B B B B B B B Max No.of Retries
>>> B paeB B B B B B B B B B B B B B B Set 802.1x interface pae type
>>> B port-controlB B B B B B set the port-control value
>>> B reauthenticationB B Enable or Disable Reauthentication for this port
>>> B timeoutB B B B B B B B B B B Various Timeouts
>>>
>>>
>>> 3550 w/ 12.2(25) - Dot1x commands available without making port an access
>>> port.
>>>
>>> Cat1#sho run int f0/13
>>> Building configuration...
>>>
>>> Current configuration : 95 bytes
>>> !
>>> interface FastEthernet0/13
>>> B switchport mode dynamic desirable
>>> B spanning-tree guard root
>>> end
>>>
>>> Cat1#conf t
>>> Enter configuration commands, one per line.B End with CNTL/Z.
>>> Cat1(config)#int f0/13
>>> Cat1(config-if)#dot1x ?
>>> B auth-failB B B B B B B B B Configure Authentication Fail values for this port
>>> B control-directionB set the control-direction value
>>> B defaultB B B B B B B B B B B Configure Dot1x with default values for this port
>>> B guest-vlanB B B B B B B B Configure Guest-vlan on this interface
>>> B host-modeB B B B B B B B B Set the Host mode for 802.1x on this interface
>>> B max-reauth-reqB B B B Max No. of Retries to supplicant
>>> B max-reqB B B B B B B B B B B Max No. of Retries to supplicant for EAP-Request
>>> frames of
>>> B B B B B B B B B B B B B B B B B B B B types other than EAP-Request/Identity
>>> B port-controlB B B B B B set the port-control value
>>> B reauthenticationB B Enable or Disable Reauthentication for this port
>>> B timeoutB B B B B B B B B B B Various Timeouts
>>>
>>> -hth
>>>
>>>
>>> On Sat, Oct 17, 2009 at 6:46 PM, ALL From_NJ <all.from.nj_at_gmail.com>
>>> wrote:
>>>>
>>>> Interesting discussion for sure ...
>>>>
>>>> I was working on some labs, and the labs had me configure some dot1x
>>>> stuff.
>>>> After I was pulling my hair out I decided to look over the solutions and
>>>> what do you know .. these commands do not exist on my switch.
>>>>
>>>> If anyone hears of anything, please pass it on.
>>>>
>>>> Think I should learn both new and old commands? B Please say no ... ;-)
>>>>
>>>> Andrew
>>>>
>>>>
>>>>
>>>>
>>>> On Sat, Oct 17, 2009 at 9:01 PM, Marko Milivojevic
>>>> <markom_at_markom.info>wrote:
>>>>
>>>> > On Sun, Oct 18, 2009 at 00:59, Joe Astorino <jastorino_at_ipexpert.com>
>>>> > wrote:
>>>> > > Where else would they put the information on switching though I
>>>> > > wonder?
>>>> > I
>>>> > > understand things are moving more to the virtual environment, at
>>>> > > least
>>>> > for
>>>> > > troubleshooting but lets face it, switching is still a big big part
>>>> > > of
>>>> > > things.
>>>> >
>>>> > I remember few years back it wasn't, actually. It was just called R&S,
>>>> > but it was truly R exam.
>>>> >
>>>> > If they indeed change the number of switches to one, it would be back
>>>> > to being pointless. Unless, of course, they don't come up with some
>>>> > sort of a "data center" track and combine switching and storage there.
>>>> > It may actually make some sense.
>>>> >
>>>> > --
>>>> > Marko
>>>> > CCIE #18427 (SP)
>>>> > My network blog: http://cisco.markom.info/
>>>> >
>>>>
>>>>
>>>>
>>>> --
>>>> Andrew Lee Lissitz
>>>> all.from.nj_at_gmail.com
>>>>
>>>>
>>>> Blogs and organic groups at http://www.ccie.net
>>>>
>>>> _______________________________________________________________________
>>>> Subscription information may be found at:
>>>> http://www.groupstudy.com/list/CCIELab.html
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>> --
>>> Bryan Bartik
>>> CCIE #23707 (R&S), CCNP
>>> Sr. Support Engineer - IPexpert, Inc.
>>> URL: http://www.IPexpert.com
>>
>>
>>
>> --
>> Andrew Lee Lissitz
>> all.from.nj_at_gmail.com
>
>
>
> --
> Bryan Bartik
> CCIE #23707 (R&S), CCNP
> Sr. Support Engineer - IPexpert, Inc.
> URL: http://www.IPexpert.com

Blogs and organic groups at http://www.ccie.net
Received on Sun Oct 18 2009 - 09:28:07 ART