cancel
Showing results for 
Search instead for 
Did you mean: 

UAC IC4500 802.1x

pras_2903_
Occasional Contributor

UAC IC4500 802.1x

Dear all,

 

I am trying to deploy UAC 802.1x. I have successfly integrated active directory/Windows NT authentication realm with the company active directory.

I have also added the switch to radius and created all the user roles etc based on the quick guide.

 

The main issue i am facing is that once i assign the port under 802.1x, the PC is not able to reach any of the subnets, default gateway nor the UAC. I happen to get the APIPA ip address 169.254.x.x. if I remove my network cable and connect again.I have cross-checked the UAC quick guide and the settings. All seems ok. All the switches deployed in the company are Juniper JUNOS 10.4. UAC version is 3.1R3. I am deploying agentless authentication. Can anyone guide me what could be issue?

 

Secondly, using web access of any switches if my port is assigned on vlan 10 initially, i get the subnet of vlan 10. However if my port is changed to vlan 20 using webaccess, my ip address still remains that of vlan 10 (no reachability anywhere), i have to enable/disable my network adaptor so as to get correct subnet. Is this normal for Juniper switches? Is there a workaround?. In cisco basically when we change a vlan, we shut and no shut in cli. I am not familiar with Juniper switches.

 

Please guide me.

 

Prasanth George

 

 

3 REPLIES 3
Raveen_
Regular Contributor

Re: UAC IC4500 802.1x

What is the client OS?

Do you have DHCP relay agent configured in your network?

 

Regards,

Raveen

pras_2903_
Occasional Contributor

Re: UAC IC4500 802.1x

DHCP is configured on the core switches. I tried with OS windows 7 64 bit and Windows XP 32 bit.

 

The current deployment is that the only the UAC internal is connected to the core switches which is kept in management vlan.

All the subnets are accessible to the management vlan when the 802.1x is not enabled

 

Regards

Prasanth George

vclement_
Occasional Contributor

Re: UAC IC4500 802.1x

Can you copy a sampel of your EX configuration (protocols dot1x tree and a sample port configuration) to help understanding?

 

In UAC Logs, you confirm that the authentication is successfull and you are able to see that the correct vlan is sent to the EX?