Hi, I just did a lab using cat3, acs, acs and xp for setting up an 802.1x environment. Everything works fine, I could assing different vlans based on the user credentials, DHCP included running on the switch. Here's the configuration of the port facing to the xp ws.
cat3#sh run int fa 0/15 Building configuration... Current configuration : 184 bytes ! interface FastEthernet0/15 switchport mode access dot1x pae authenticator dot1x port-control auto dot1x violation-mode protect dot1x guest-vlan 66 dot1x auth-fail vlan 66 end cat3# I extended it using an auth-fail and guest-vlan. Just for my understanding: I could use the guest vlan to e. g. sperating guests from my lan and only allowing them internet access or something like this. The auth-fail vlan is used, when the authentication fails. If none is set, the port has no access. Is this correct? TIA! Cheers Simon _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
