Dot1x on cisco 3560
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Fri Apr 25 11:14:19 CEST 2008
Hi,
> Mmmm is curious:
> 04-25-2008 10:27:16 Local7.Warning 172.29.11.1
> 67648: 070624: *Apr 14 13:06:59: %RADIUS-4-RADIUS_ALIVE: RADIUS
> server 172.29.11.7:1812,1813 has returned.
> 04-25-2008 10:27:16 Local7.Warning 172.29.11.1
> 67647: 070623: *Apr 14 13:06:59: %RADIUS-4-RADIUS_DEAD: RADIUS
> server 172.29.11.7:1812,1813 is not responding.
> Using debug in AAA on my switch.
>
> I have this radius settings on my cisco switch:
>
> #sh run | include radius
> aaa authentication dot1x default group radius
> aaa authorization network default group radius
> radius-server host 172.29.11.7 auth-port 1812 acct-port 1813 timeout 3
> radius-server key mecago
very sparse....what about eg
radius-server retransmit 2
radius-server timeout 2
radius-server deadtime 10
radius-server vsa send authentication
what do you have on the edge port for RADIUS? eg timeouts...
interface TenGigabitEthernet0/1
dot1x pae authenticator
dot1x port-control auto
dot1x timeout quiet-period 5
dot1x timeout tx-period 1
dot1x timeout reauth-period server
dot1x timeout supp-timeout 1
dot1x timeout server-timeout 5
dot1x max-req 3
dot1x max-reauth-req 1
dot1x guest-vlan XXX
dot1x reauthentication
dot1x auth-fail vlan XXX
<SNIP>
!
alan
More information about the Freeradius-Users
mailing list