[OSL | CCIE_Security] dot1x netwok authorization

Imre Oszkar Fri, 06 Jul 2012 18:03:15 -0700

Hi guys,

Can someone give an explanation why the RADIUS attributes pushed down by
ACS take effect even if I have the network authorization configured for
local?


aaa new-model
aaa authentication dot1x default group radius
*aaa authorization network default local *

interface FastEthernet0/15
 description TEST PC
 switchport access vlan 5
 switchport mode access
 dot1x mac-auth-bypass
 dot1x pae authenticator
 dot1x port-control auto
 dot1x violation-mode protect
 spanning-tree portfast



*Mar  1 01:09:57.055: RADIUS:   03 08 00 04
*Mar  1 01:09:57.055: RADIUS:  Tunnel-Type         [64]  6   01:VLAN
            [13]
*Mar  1 01:09:57.055: RADIUS:  Tunnel-Medium-Type  [65]  6   01:ALL_802
           [6]
*Mar  1 01:09:57.055: RADIUS:  Tunnel-Private-Group[81]  5   01:"55"
*Mar  1 01:09:57.055: RADIUS:  Class               [25]  26

show vlan brief  | i 15

55   VLAN0055                         active    Fa0/15


Thanks!

_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit 
www.ipexpert.com

Are you a CCNP or CCIE and looking for a job? Check out 
www.PlatinumPlacement.com

[OSL | CCIE_Security] dot1x netwok authorization

Reply via email to