Hi, I'm currently implementing dot1x for our wired and wireless infrastructure (various Cisco switches, mostly 4500 and Cisco 5508 Wireless LAN Controllers). I've installed radiator in a Debian 6 VM with openssl 1.0.0d from testing for CRL reloading support although I'm not sure if this is still necessary as Radiator logs reloading CRL messages.
Everything is working good so far but for the case that a non-company client has dot1x enabled on the interface I'd like to switch the port to our guest lan. This is working fine on the switch, but a Windows 7 client receives the EAP auth failure from Radiator and doesn't try to send a dhcp request although the switch port has already been set to the guest lan. Is there a solution for this problem? For the wireless part we're getting the following error on the WLC: %DOT1X-3-AUTHKEY_TX_TRANS_ERR: 1x_kxsm.c:128 Authentication state transition to state 0 failed; port status 0, key available 1, key tx enabled 1 If someone encountered this error and knows a solution while we wait for the Cisco TAC please respond! Thanks! -- Best regards, Alex *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* T-Systems Austria GesmbH Rennweg 97-99, 1030 Wien Handelsgericht Wien, FN 79340b *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* Notice: This e-mail contains information that is confidential and may be privileged. If you are not the intended recipient, please notify the sender and then delete this e-mail immediately. *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
