0

I am trying to set up a RADIUS server for 802.1x NAC over a Cisco IE 3000 Network Switch, using freeRadius to implement it.

I know the switch knows where the RADIUS server is because I set up the switch to authenticate the enable and login passwords to be authenticated through the server. However, when I plug in a supplicant in on one of the supplicant-designated switches, it sends a EAPOL Start request to Nearest, according to Wireshark. The switch does not see the attempts to send this request.

What configuration option, on either the supplicant end or the switch end, do I need to change in order for the request for authentication to be sent from the supplicant to the RADIUS server?

HopelessN00b
  • 53,385
  • 32
  • 133
  • 208
Alex
  • 11
  • 3

1 Answers1

0

It's not enough to define radius servers and 802.1x related interface parameters. Make sure that you configured AAA lists for 802.1x

aaa authentication dot1x default group <your radius group for dot1x name>
aaa authorization network default group <your radius group for dot1x name>
aaa accounting dot1x default start-stop group <your radius group for dot1x name>
Max Doronin
  • 1