UAC vlans

  • Just got a new IC4000. I’ve been playing around with the 802.1x authentication using my 6509 as the radius client. The problem is this: Users who access certain protected resources will be plugging into an 802.1x enabled switch port and after authenticating, they will be put on a different subnet and vlan from regular employees. They need to use their OAC/UAC client to authenticate before getting to the DHCP server that I have configured on that segment. I’m having an issue with the OAC not being able to contact the IC. When I’m not running any 802.1x except the native windows one, the EAP and RADIUS messages are flying around, but when I use the OAC, it just says that it can’t contact the server, and poof, no connectivity.

    The setup on OAC is fairly simple. I have a profile set to use a system local account, connect to the IC’s IP address under URL, use the hostname juniper, and to use the PC’s wireless adapter. The switch has been config’d to use dot1x, set up as a radius client, and had the ports and mode verified. What am I missing?