EAP doest work with Cisco Catalyst 2950?

James J J Hooper jjj.hooper at bristol.ac.uk
Thu Jul 27 10:40:35 CEST 2006

--On Wednesday, 26 July 2006 18:39 -0700 Thai Duong <thaidn at yahoo.com> 

> --- Josh Howlett <josh.howlett at bristol.ac.uk> wrote:
>> Is there a RADIUS or EAP timer set on the switch?
>> If it's set too low, the switch might be ignoring
>> the Access-
>> Challenge from the server.
>> best regards, josh.
> Yup there're some timers on the switch but as far as I
> know they have no effect on the communication between
> the switch and the server. Is there anybody here had
> used Catalyst 2950 with freeradius before? Searching
> Google reveals that people seems only configure
> EAP/TLS to protect wireless LAN, not wired LAN. Where
> can I find a sucessful EAP/TLS setup with details
> about hardware/software components?

  We had similar problems. An example of what we put in the switch config 
to get it to work is here:

... as Josh said - pay particular attention to the dot1x & radius server 
timeout settings - we found the cisco defaults be be generally broken.


James J J Hooper,
Information Services
University of Bristol

More information about the Freeradius-Users mailing list