0 Replies Latest reply: Sep 30, 2015 9:38 AM by WizKid RSS

    802.1x authentication


      Hi all,


      We have 802.1x authentication setup on our switches.


      The switch ports have the following configured on them.


      switchport access vlan 5

      switchport mode access

      switchport nonegotiate

      switchport protected

      logging event link-status

      authentication port-control auto

      dot1x pae authenticator

      dot1x timeout tx-period 5

      dot1x max-req 3

      no cdp enable

      spanning-tree portfast

      spanning-tree bpduguard enable

      ip verify source


      Also, the network policy server is configured to assign VLAN 9 to the devices the authenticate successfully.


      I can't seem to find out that which one will take precedence? For example, if I connect a device to a switch port that has "switchport access vlan 5" configured but the network policy servers return VLAN 9 to the switch on successful authentication of the device then which VLAN will the switch put the device in?