Hi there,
Here is my config:
switch S3500:
interface-profile tunneled-node-profile "default"
controller-ip 172.23.4.32
mtu 1500
interface-profile switching-profile "CORP"
access-vlan 200
native-vlan 200
trunk allowed vlan 1,200,300
interface gigabitethernet "0/0/46"
tunneled-node-profile "default"
poe-profile "poe-factory-initial"
qos-profile "default"
switching-profile "CORP"
no trusted port
Aruba Controller :
interface vlan 200
ip address 172.25.160.5 255.255.255.0
aaa profile "CORP prive-aaa_prof"
authentication-dot1x "CORP prive-dot1x_prof"
dot1x-default-role "Machine_CORP"
dot1x-server-group "CORP prive"
user-role "CORP public-guest-logon"
captive-portal "CORP public-cp_prof"
access-list session logon-control
access-list session captiveportal
user-role Machine_CORP
vlan 200
access-list session CORP_policy
;User auth Captive portal
aaa profile "Wired-aaa_prof"
initial-role "CORP public-guest-logon"
authentication-dot1x "default"
dot1x-default-role "Machine_CORP"
dot1x-server-group "CORP prive"
;---------------dot1x--------------------------
aaa authentication wired
profile "CORP prive-aaa_prof"
;machine connected to the port 0/0/46 on S3500
;Win7 auth dot1x on the wired network card is activated
;machine auth dot1x on win7 is NOT working
;----------------CP-----------------------------------------
aaa authentication wired
profile "Wired-aaa_prof"
;machine connected to the port 0/0/46 on S3500
;Win7 auth dot1x on the wired network card is disabled
;Captive portal user authentication is working correctly
Any idea why dot1x is not working with the wired access?
My goal is to have both authentication web and dot1x working for the wired access though if the machine did not authenticate
with dot1x then the user get the CP for user auth.
Please advise.