Announcement

Collapse
No announcement yet.

dot1x Guest Vlan problem

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • dot1x Guest Vlan problem

    Hello all.
    I am trying to implement dot1x in our company (using certificate).
    right now im stuck in the guest vlan process.
    when i am connecting one of the company computers its say granted access in the event viewer. - until now its ok.

    when im connecting a laptop that don't have a certificate its saying that "the computer dont have a certificate" - SO ITS OK TOO.

    now what i want to accomplish is the guest vlan to work! and now its not working

    i have added my cisco configuration for you to see..

    thank you very very much for help


    8021x#show run
    Building configuration...

    Current configuration : 3581 bytes
    !
    version 12.2
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    !
    hostname 8021x
    !
    enable secret 5 $1$HtAW$h3kVdFZu6LfGfxbCkOIfz.
    enable password [email protected]$#
    !
    username admin secret 5 $1$/1S5$/AbRJCDkamlGTfakXpMZ..
    aaa new-model
    aaa authentication dot1x default group radius
    !
    aaa session-id common
    system mtu routing 1500
    ip subnet-zero
    !
    ip dhcp pool net-1
    network 192.168.10.0 255.255.255.0
    default-router 192.168.10.1
    dns-server 194.90.1.5
    lease 0 4
    !
    !
    !
    !
    dot1x system-auth-control
    no file verify auto
    spanning-tree mode pvst
    spanning-tree extend system-id
    !
    vlan internal allocation policy ascending
    !
    interface FastEthernet0/1
    switchport mode access
    dot1x pae authenticator
    dot1x port-control auto
    dot1x timeout quiet-period 10
    dot1x timeout tx-period 5
    dot1x max-req 3
    dot1x guest-vlan 99
    !
    interface FastEthernet0/2
    switchport mode access
    dot1x pae authenticator
    dot1x port-control auto
    dot1x guest-vlan 99
    dot1x auth-fail vlan 99
    !
    interface FastEthernet0/3
    switchport mode access
    dot1x pae authenticator
    dot1x port-control auto
    dot1x timeout quiet-period 10
    dot1x timeout tx-period 5
    dot1x max-req 3
    !
    interface FastEthernet0/4
    switchport mode access
    dot1x pae authenticator
    dot1x port-control auto
    dot1x timeout quiet-period 3
    dot1x timeout tx-period 15
    dot1x auth-fail vlan 1
    !
    interface FastEthernet0/5
    switchport mode access
    dot1x pae authenticator
    dot1x port-control auto
    dot1x timeout quiet-period 3
    dot1x timeout tx-period 15
    dot1x auth-fail vlan 1
    !
    interface FastEthernet0/6
    switchport mode access
    dot1x pae authenticator
    dot1x port-control auto
    dot1x timeout quiet-period 3
    dot1x timeout tx-period 15
    dot1x auth-fail vlan 1
    !
    interface FastEthernet0/7
    !
    interface FastEthernet0/8
    !
    interface FastEthernet0/9
    !
    interface FastEthernet0/10
    switchport mode access
    dot1x pae authenticator
    dot1x port-control auto
    dot1x guest-vlan 99
    !
    interface FastEthernet0/11
    !
    interface FastEthernet0/12
    !
    interface FastEthernet0/13
    !
    interface FastEthernet0/14
    !
    interface FastEthernet0/15
    !
    interface FastEthernet0/16
    !
    interface FastEthernet0/17
    !
    interface FastEthernet0/18
    !
    interface FastEthernet0/19
    !
    interface FastEthernet0/20
    !
    interface FastEthernet0/21
    !
    interface FastEthernet0/22
    !
    interface FastEthernet0/23
    !
    interface FastEthernet0/24
    !
    interface FastEthernet0/25
    !
    interface FastEthernet0/26
    !
    interface FastEthernet0/27
    !
    interface FastEthernet0/28
    !
    interface FastEthernet0/29
    !
    interface FastEthernet0/30
    !
    interface FastEthernet0/31
    !
    interface FastEthernet0/32
    !
    interface FastEthernet0/33
    !
    interface FastEthernet0/34
    !
    interface FastEthernet0/35
    !
    interface FastEthernet0/36
    !
    interface FastEthernet0/37
    !
    interface FastEthernet0/38
    !
    interface FastEthernet0/39
    !
    interface FastEthernet0/40
    !
    interface FastEthernet0/41
    !
    interface FastEthernet0/42
    !
    interface FastEthernet0/43
    !
    interface FastEthernet0/44
    !
    interface FastEthernet0/45
    !
    interface FastEthernet0/46
    !
    interface FastEthernet0/47
    !
    interface FastEthernet0/48
    !
    interface GigabitEthernet0/1
    !
    interface GigabitEthernet0/2
    !
    interface Vlan1
    ip address 142.186.15.28 255.255.255.128
    ip helper-address 142.186.15.9
    no ip route-cache
    !
    interface Vlan99
    ip address 192.168.10.1 255.255.255.0
    ip helper-address 142.186.15.28
    no ip route-cache
    !
    ip http server
    radius-server host 142.186.15.20 auth-port 1812 acct-port 1813 key DADADA
    radius-server source-ports 1645-1646
    !
    control-plane
    !
    !
    line con 0
    line vty 0 4
    password [email protected]#
    line vty 5 15
    password @#@!
    end
Working...
X