# EAP CONFIGURATION
#
eapol auto-isid-offset 9900000
eapol auto-isid-offset enable
eapol enable
interface GigabitEthernet 1/3
default-vlan-id 32
name "dot1x"
no shutdown
slpp-guard enable
spanning-tree bpduguard enable
spanning-tree mstp edge-port true
no spanning-tree mstp force-port-state enable
eapol guest-vlan 32
eapol fail-open-vlan 32
eapol guest-isid 1000032
eapol fail-open-isid 1000032
eapol radius-dynamic-server enable
eapol status auto
eapol multihost radius-non-eap-enable
eapol re-authentication-period 28800
eapol re-authentication enable
eapol traffic-control in
# RADIUS CONFIGURATION
#
radius server host 192.168.22.21 key ****** priority 1 retry 2 timeout 3
no radius server host 192.168.22.21 used-by cli acct-enable
radius server host 192.168.24.21 key ****** priority 2 retry 2 timeout 3
no radius server host 192.168.24.21 used-by cli acct-enable
radius server host 192.168.22.20 key ****** used-by eapol priority 1 retry 2 timeout 3
radius server host 192.168.24.20 key ****** used-by eapol priority 2 retry 2 timeout 3
radius server host 192.168.22.21 key ****** used-by web priority 1 retry 2 timeout 3
no radius server host 192.168.22.21 used-by web acct-enable
radius server host 192.168.24.21 key ****** used-by web priority 2 retry 2 timeout 3
no radius server host 192.168.24.21 used-by web acct-enable
radius enable
radius accounting enable
radius maxserver 6
radius reachability keep-alive-timer 30 unreachable-timer 30
radius reachability mode status-server
radius dynamic-server client 192.168.22.20 secret ****** enable
radius dynamic-server client 192.168.24.20 secret ****** enable
