Enabling it globally?
Please hammer, don't hurt 'em!
Aaa new-model
Aaa authen dot1x default group radius
dot1x system-auth-control
Now you're "too legit to quit" and you "can touch this"
-joe
-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of -Hammer-
Sent: Friday, July 22, 2011 1:53 PM
To: ccielab_at_groupstudy.com
Subject: dot1x missing?
I know the trick that dot1x commands won't show up on an interface until
it's in access but am I missing something else here?
Port enabled
Dot1x enabled
port in access mode
dot1x configuration to port - FAIL
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Cat3560-2(config)#do sho run | in dot
aaa authentication dot1x default group radius
dot1x system-auth-control
vlan dot1q tag native
Cat3560-2(config)#do sho run int gi0/6
Building configuration...
Current configuration : 110 bytes
!
interface GigabitEthernet0/6
description R6 Fa0/0
switchport access vlan 567
switchport mode access
end
Cat3560-2(config)#int gi0/6
Cat3560-2(config-if)#dot1x port-control force-author
Cat3560-2(config-if)#do sho run int gi0/6
Building configuration...
Current configuration : 110 bytes
!
interface GigabitEthernet0/6
description R6 Fa0/0
switchport access vlan 567
switchport mode access
end
Cat3560-2(config-if)#
Cat3560-2(config-if)#do sho dot1x
Sysauthcontrol = Enabled
Supplicant Allowed In Guest Vlan = Disabled
Dot1x Protocol Version = 1
Dot1x Oper Controlled Directions = Both
Dot1x Admin Controlled Directions = Both
Cat3560-2(config-if)#do sho dot1x all
No Dot1x Configuration exists
Cat3560-2(config-if)#
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-- -Hammer- "I was a normal American nerd" -Jack Herer Blogs and organic groups at http://www.ccie.netReceived on Fri Jul 22 2011 - 18:18:02 ART
This archive was generated by hypermail 2.2.0 : Mon Aug 01 2011 - 06:30:06 ART