0 Replies Latest reply: Sep 30, 2015 9:38 AM by WizKid RSS

    802.1x authentication

    WizKid

      Hi all,

       

      We have 802.1x authentication setup on our switches.

       

      The switch ports have the following configured on them.

       

      switchport access vlan 5

      switchport mode access

      switchport nonegotiate

      switchport protected

      logging event link-status

      authentication port-control auto

      dot1x pae authenticator

      dot1x timeout tx-period 5

      dot1x max-req 3

      no cdp enable

      spanning-tree portfast

      spanning-tree bpduguard enable

      ip verify source

       

      Also, the network policy server is configured to assign VLAN 9 to the devices the authenticate successfully.

       

      I can't seem to find out that which one will take precedence? For example, if I connect a device to a switch port that has "switchport access vlan 5" configured but the network policy servers return VLAN 9 to the switch on successful authentication of the device then which VLAN will the switch put the device in?