The reason I'm asking is I'm trying to set up a Cisco Catalyst 2800 series router as an 802.1x supplicant. According to this document, http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_8021x/configuration/12-4/sec-user-8021x-12-4-book/sec-vpn-ac-802-1x.html, this feature has been supported since ios 12.4(6)T. I have ios 12.6(23)b, but when it try to enter the command "aaa authentication dot1x" i only get as far as being able to enter "aaa ?" The only option I have of entering after aaa is "new-model". Is this feature just not supported on this model router?
Asked
Active
Viewed 47 times
0
-
This is a question for Cisco support. – Neil Smithline Sep 23 '15 at 17:27
-
If I had an account with Cisco support I'd certainly ask them. However I don't. – Sep 23 '15 at 21:15
-
The problem is that this isn't an InfoSec question but a Cisco configuration question. – schroeder Sep 23 '15 at 22:43
2 Answers
2
Even though the device supports it, Cisco by default uses what I call "compatibility mode" for AAA, where it limits the feature set to the "old model".
Use the aaa new-model, then try again.
Theo
- 989
- 5
- 11
-
The aaa new-model command is even mentioned in the link he provided under the 'Enabling 802.1X Authentication' section... – cpt_fink Oct 01 '15 at 03:50
1
Try the Cisco feature navigator tool: http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp
gogasca
- 343
- 2
- 15