Re: DOT1x on 3750

Thanks very much Jay.
Does anyone know the exact IOS version of the lab?
I see on the blueprint doc that it just says 12.2.

On Sat, Jul 10, 2010 at 12:16 PM, Jay McMickle <jay.mcmickle_at_yahoo.com>wrote:

> You need to run 122-35.SE5, but less than 12.2.53 code, on the 3560's and
> 3750's.
>
> Further note- You need at least c3560-advipservicesk9-mz.122-40.SE to
> enable LLDP, but I haven't tested to see if dot1x port-control and LLDP are
> both in this IOS version. There is a task on one of my CCIE R&S lab prep
> material, though, for both functions to be implemented.
>
>
>
> Regards,
> Jay McMickle- CCNP, CCSP, MCSE
>
>
>
>
> ------------------------------
> *From:* Dominic Zeni <Dominic_at_lookingpoint.com>
> *To:* "Grammer, Christopher" <cgrammer_at_essilorusa.com>
> *Cc:* "ccielab_at_groupstudy.com" <ccielab_at_groupstudy.com>
> *Sent:* Fri, July 9, 2010 10:53:40 AM
>
> *Subject:* Re: DOT1x on 3750
>
> I believe the command set syntax has changed in newer IOS. Under your
> interface, try "authentication ?"
>
> Dom
>
> This was sent from my mobile device.
>
> On Jul 9, 2010, at 8:50 AM, "Grammer, Christopher" <
> cgrammer_at_essilorusa.com
> > wrote:
>
> > I am using 2 3750s some of my studies, but I can not seem to get Dot1x
> > commands under the interface.
> > I think I am missing something specific to the 3750, but I dont know
> > what.
> > I did a brief internet search and saw a few people having this issue
> > but
> > never saw a resolution.
> >
> > Globally I configure:
> >
> > dot1x system-auth-control
> > dot1x guest-vlan supplicant
> >
> > when I go to the interface I set the switchport mode to access
> >
> > int fa1/0/24
> > switchport mode access
> >
> > Then the only thing i get for dot1x commands is:
> >
> > SW2(config-if)#dot1x ?
> > credentials Credentials profile configuration
> > default Configure Dot1x with default values for this port
> > max-reauth-req Max No.of Reauthentication Attempts
> > max-req Max No.of Retries
> > max-start Max No. of EAPOL-Start requests
> > pae Set 802.1x interface pae type
> > supplicant Configure supplicant parameters
> > timeout Various Timeouts
> >
> >
> > I do the exact same thing on a 3550 and everything works as expected:
> >
> > SW3(config-if)#dot1x ?
> > auth-fail Configure Authentication Fail values for this port
> > control-direction Set the control-direction on the interface
> > critical Enable 802.1x Critical Authentication
> > default Configure Dot1x with default values for this port
> > fallback Enable the Webauth fallback mechanism
> > guest-vlan Configure Guest-vlan on this interface
> > host-mode Set the Host mode for 802.1x on this interface
> > mac-auth-bypass Enable MAC Auth Bypass
> > max-reauth-req Max No.of Reauthentication Attempts
> > max-req Max No.of Retries
> > pae Set 802.1x interface pae type
> > port-control set the port-control value
> > reauthentication Enable or Disable Reauthentication for this port
> > timeout Various Timeouts
> > violation-mode Set the Security Violation mode on this interface
> >
> >
> > I have checked the IOS on the 3750 and here is the sh ver
> >
> >
> > SW2#sh ver
> > Cisco IOS Software, C3750 Software (C3750-IPSERVICESK9-M), Version
> > 12.2(53)SE2, RELEASE SOFTWARE (fc3)
> > Technical Support: http://www.cisco.com/techsupport
> > Copyright (c) 1986-2010 by Cisco Systems, Inc.
> > Compiled Wed 21-Apr-10 04:49 by prod_rel_team
> > Image text-base: 0x01000000, data-base: 0x02F00000
> >
> > ROM: Bootstrap program is C3750 boot loader
> > BOOTLDR: C3750 Boot Loader (C3750-HBOOT-M) Version 12.2(44)SE5,
> > RELEASE
> > SOFTWARE (fc1)
> >
> > SW2 uptime is 1 hour, 7 minutes
> > System returned to ROM by power-on
> > S
> > *Mar 1 01:07:17.319: %SYS-5-CONFIG_I: Configured from console by
> > consoleystem image file is "flash:/c3750-ipservicesk9-mz.
> > 122-53.SE2.bin"
> >
> >
> > cisco WS-C3750-24P (PowerPC405) processor (revision M0) with 131072K
> > bytes
> > of memory.
> > Processor board ID FDO1243Y0HE
> > Last reset from power-on
> > 1 Virtual Ethernet interface
> > 24 FastEthernet interfaces
> > 2 Gigabit Ethernet interfaces
> > The password-recovery mechanism is enabled.
> >
> > 512K bytes of flash-simulated non-volatile configuration memory.
> > Base ethernet MAC Address : 00:24:13:2E:C0:00
> > Motherboard assembly number : 73-9672-11
> > Power supply part number : 341-0029-05
> > Motherboard serial number : FDO12460DZY
> > Power supply serial number : DTN124143JZ
> > Model revision number : M0
> > Motherboard revision number : A0
> > Model number : WS-C3750-24PS-S
> > System serial number : ****************
> > Top Assembly Part Number : 800-25860-05
> > Top Assembly Revision Number : C0
> > Version ID : V06
> > CLEI Code Number : COMU410ARA
> > Hardware Board Revision Number : 0x01
> >
> >
> > Switch Ports Model SW Version SW Image
> >
> > ------ ----- ----- ---------- ----------
> >
> > * 1 26 WS-C3750-24P 12.2(53)SE2 C3750-
> > IPSERVICESK9-M
> >
> >
> >
> > Configuration register is 0xF
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
>
>
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Sat Jul 10 2010 - 12:26:17 ART