Damien/arista-evpn-vxlan-clab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
35fdaba993c24cdc6b56e391758c42cd7e05d9f2
arista-evpn-vxlan-clab/configs/access4.cfg
Damien 35fdaba993 Add dot1x and wpa_supplicant for 802.1X authentication 
- Configure dot1x on access switch host-facing ports (Et3/Et4) with
  RADIUS dynamic VLAN assignment
- Switch host-facing port-channels to access mode (from trunk) to
  align with dot1x dynamic VLAN behavior
- Add wpa_supplicant configs and binds for all hosts
- Remove VLAN subinterfaces from hosts, assign IPs directly to bond0
  (untagged traffic for dot1x access ports)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-01 08:58:07 +00:00

81 lines
1.8 KiB
INI
Raw Blame History

! Access4 Configuration
! L2-only access switch for VTEP4 (leaf7/leaf8)
!
hostname access4
!
! LLDP Management0
lldp management-address Management0
!
! enable gNMI API
management api gnmi
transport grpc default
provider eos-native
!
! admin/admin for ssh access
username admin privilege 15 role network-admin secret sha512 $6$xQktFrbdeqEhVzLM$.1wOJB25nw2fqYaSXDu6y4mo6AP9hngMCFe2vGDl84hWoz00Q.4unoEBqspNI0HEoRz.OZhdBHqQv12KABf0B0
!
! RADIUS server
radius-server host 172.16.0.200 key arista123
!
! AAA for dot1x
aaa authentication dot1x default group radius
!
! Enable 802.1X globally
dot1x system-auth-control
!
! VLANs
vlan 78
name vrf-gold-subnet
!
! Management interface
interface Management0
ip address 172.16.0.44/24
!
! Spanning-tree
spanning-tree mode mstp
spanning-tree edge-port bpduguard default
!
! Uplink to leaf MLAG pair (Port-Channel 10)
interface Ethernet1
description leaf7-uplink
channel-group 10 mode active
!
interface Ethernet2
description leaf8-uplink
channel-group 10 mode active
!
interface Port-Channel10
description uplink-to-leaf-mlag
switchport mode trunk
switchport trunk allowed vlan 78
no shutdown
!
! Host-facing downlink (Port-Channel 1)
interface Ethernet3
description host4
channel-group 1 mode active
dot1x pae authenticator
dot1x port-control auto
dot1x host-mode single-host
!
interface Ethernet4
description host4
channel-group 1 mode active
dot1x pae authenticator
dot1x port-control auto
dot1x host-mode single-host
!
interface Port-Channel1
description host4
switchport mode access
switchport access vlan 78
port-channel lacp fallback timeout 5
port-channel lacp fallback individual
spanning-tree portfast
no shutdown
!
! Default route for management
ip route 0.0.0.0/0 172.16.0.254
!
end
Reference in New Issue View Git Blame Copy Permalink