Re: dot1x missing?

See my other reply.

Cat3560-2(config-if)#do sho ver | in image
System image file is
"flash:c3560-ipservicesk9-mz.122-25.SEB4/c3560-ipservicesk9-mz.122-25.SEB4.bin"
Cat3560-2(config-if)#

-Hammer-

"I was a normal American nerd"
-Jack Herer

On 07/22/2011 01:22 PM, garry baker wrote:
> this is what i get when i use the same commands:
> Switch(config-if)#dot1x port-control force-authorized
> Switch(config-if)#do sh run int g1/0/11
> Building configuration...
> Current configuration : 118 bytes
> !
> interface GigabitEthernet1/0/11
> switchport mode access
> dot1x pae authenticator
> dot1x violation-mode protect
> end
> Switch(config-if)#do sh run | in dot
> aaa authentication dot1x default group radius
> dot1x system-auth-control
> dot1x pae authenticator
> dot1x violation-mode protect
> Switch(config-if)#do sh dot1x
> Sysauthcontrol Enabled
> Dot1x Protocol Version 2
> Critical Recovery Delay 100
> Critical EAPOL Disabled
> Switch(config-if)#do sh dot1x all
> Sysauthcontrol Enabled
> Dot1x Protocol Version 2
> Critical Recovery Delay 100
> Critical EAPOL Disabled
> Dot1x Info for GigabitEthernet1/0/11
> -----------------------------------
> PAE = AUTHENTICATOR
> PortControl = FORCE_AUTHORIZED
> ControlDirection = Both
> HostMode = SINGLE_HOST
> Violation Mode = PROTECT
> ReAuthentication = Disabled
> QuietPeriod = 60
> ServerTimeout = 30
> SuppTimeout = 30
> ReAuthPeriod = 3600 (Locally configured)
> ReAuthMax = 2
> MaxReq = 2
> TxPeriod = 30
> RateLimitPeriod = 0
> Switch(config-if)#
> Switch(config-if)#do sh ver
> Cisco IOS Software, C3750 Software (C3750-IPSERVICESK9-M), Version
> 12.2(44)SE2, RELEASE SOFTWARE (fc2)
>
> --
> Garry L. Baker
>
> "With sufficient thrust, pigs fly just fine..." - RFC 1925
>
>
>
> On Fri, Jul 22, 2011 at 8:53 PM, -Hammer- <bhmccie_at_gmail.com
> <mailto:bhmccie_at_gmail.com>> wrote:
>
> I know the trick that dot1x commands won't show up on an interface
> until
> it's in access but am I missing something else here?
> Port enabled
> Dot1x enabled
> port in access mode
> dot1x configuration to port - FAIL
>
> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> Cat3560-2(config)#do sho run | in dot
> aaa authentication dot1x default group radius
> dot1x system-auth-control
> vlan dot1q tag native
> Cat3560-2(config)#do sho run int gi0/6
> Building configuration...
>
> Current configuration : 110 bytes
> !
> interface GigabitEthernet0/6
> description R6 Fa0/0
> switchport access vlan 567
> switchport mode access
> end
>
> Cat3560-2(config)#int gi0/6
> Cat3560-2(config-if)#dot1x port-control force-author
> Cat3560-2(config-if)#do sho run int gi0/6
> Building configuration...
>
> Current configuration : 110 bytes
> !
> interface GigabitEthernet0/6
> description R6 Fa0/0
> switchport access vlan 567
> switchport mode access
> end
>
> Cat3560-2(config-if)#
> Cat3560-2(config-if)#do sho dot1x
> Sysauthcontrol = Enabled
> Supplicant Allowed In Guest Vlan = Disabled
> Dot1x Protocol Version = 1
> Dot1x Oper Controlled Directions = Both
> Dot1x Admin Controlled Directions = Both
>
> Cat3560-2(config-if)#do sho dot1x all
> No Dot1x Configuration exists
> Cat3560-2(config-if)#
> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
>
>
>
> --
>
>
> -Hammer-
>
> "I was a normal American nerd"
> -Jack Herer
>
>
> Blogs and organic groups at http://www.ccie.net <http://www.ccie.net/>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Fri Jul 22 2011 - 13:25:38 ART