I am trying to deploy UAC 802.1x. I have successfully integrated the Active Directory/Windows NT authentication realm with the company Active Directory.
I have also added the switch to RADIUS and created all the user roles etc. based on the quick guide.
The main issue I am facing is that once I assign the port under 802.1x, the PC is not able to reach any of the subnets, the default gateway or the UAC. I happen to get the APIPA IP address 169.254.x.x if I remove my network cable and connect again. I have cross-checked the UAC quick guide and the settings. All seems OK. All the switches deployed in the company are Juniper JUNOS 10.4. UAC version is 3.1R3. I am deploying agentless authentication. Can anyone guide me on what could be the issue?
Secondly, using web access of any of the switches, if my port is assigned to VLAN 10 initially, I get the subnet of VLAN 10. However, if my port is changed to VLAN 20 using web access, my IP address still remains that of VLAN 10 (no reachability anywhere); I have to enable/disable my network adaptor so as to get the correct subnet. Is this normal for Juniper switches? Is there a workaround? In Cisco, basically, when we change a VLAN, we shut and no shut in the CLI. I am not familiar with Juniper switches.
Please guide me.
DHCP is configured on the core switches. I tried with Windows 7 64-bit and Windows XP 32-bit.
The current deployment is that only the UAC internal is connected to the core switches, which is kept in the management VLAN.
All the subnets are accessible to the management VLAN when 802.1x is not enabled.
Can you copy a sample of your EX configuration (protocols dot1x tree and a sample port configuration) to help understanding?
In the UAC logs, can you confirm that the authentication is successful and that you are able to see that the correct VLAN is sent to the EX?