Manual
+7(495) 797-3311 www.qtech.ru
Москва, Новозаводская ул., 18, стр. 1
339
Switch(config)#radius-server authentication host 2004:1:2:3::3
Switch(config)#radius-server accounting host 2004:1:2:3::3
Switch(config)#radius-server key test
Switch(config)#aaa enable
Switch(config)#aaa-accounting enable
Switch(config)#dot1x enable
Switch(config)#interface ethernet 1/2
Switch(Config-If-Ethernet1/2)#dot1x enable
Switch(Config-If-Ethernet1/2)#dot1x port-control auto
Switch(Config-If-Ethernet1/2)#exit
40.4 802.1x Troubleshooting
It is possible that 802.1x be configured on ports and 802.1x authentication be set to auto, t
switch can’t be to authenticated state after the user runs 802.1x supplicant software. Here are
some possible causes and solutions:
If 802.1x cannot be enabled for a port, make sure the port is not executing MAC
binding, or configured as a port aggregation. To enable the 802.1x authentication, the
above functions must be disabled.
If the switch is configured properly but still cannot pass through authentication,
connectivity between the switch and RADIUS server, the switch and 802.1x client
should be verified, and the port and VLAN configuration for the switch should be
checked, too.
Check the event log in the RADIUS server for possible causes. In the event log, not
only unsuccessful logins are recorded, but prompts for the causes of unsuccessful
login. If the event log indicates wrong authenticator password, radius-server key
parameter shall be modified; if the event log indicates no such authenticator, the
authenticator needs to be added to the RADIUS server; if the event log indicates no
such login user, the user login ID and password may be wrong and should be verified
and input again.