CCNA • Mock Exam 82
Free CCNA mock exam — 25 questions with explanations. Set 82. No signup required.
You are connected to R1. Configure AAA with RADIUS authentication on R1 so that SSH login attempts first contact the RADIUS server at 192.0.2.10 (key 'cisco123'), and if the server is unreachable, fall back to the local database. Additionally, troubleshoot why an 802.1X-enabled switch port (GigabitEthernet0/1) on a connected switch remains in the 'unauthorized' state despite RADIUS being functional; identify and fix the misconfiguration on the switch (SW1).
R1# show running-config | section aaa aaa new-model aaa authentication login default group radius local radius server RADIUS address ipv4 192.0.2.10 key cisco123 ! R1# show aaa servers RADIUS: id 1, priority 1, host 192.0.2.10, auth-port 1812, acct-port 1813 State: current UP, duration 120s, previous duration 0s Dead: total 0, retransmit 0 SW1# show running-config | section dot1x dot1x system-auth-control dot1x port-control auto interface GigabitEthernet0/1 switchport mode access dot1x pae authenticator dot1x timeout reauth-period 3600 ! SW1# show authentication sessions interface GigabitEthernet0/1 Interface: GigabitEthernet0/1 MAC Address: Unknown IP Address: Unknown Status: Unauthorized Domain: DATA Oper host mode: single-host Session timeout: N/A Common Session ID: 0000000000000000000000 Acct Session ID: 0x00000000 Auth Method: dot1x SW1# show dot1x all summary Interface PAE Authenticator Supplicant Server Gi0/1 AUTH UNAUTHORIZED N/A N/A
R1# show running-config | section aaa aaa new-model aaa authentication login default group radius local radius server RADIUS address ipv4 192.0.2.10 key cisco123 ! R1# show aaa servers RADIUS: id 1, priority 1, host 192.0.2.10, auth-port 1812, acct-port 1813 State: current UP, duration 120s, previous duration 0s Dead: total 0, retransmit 0 SW1# show running-config | section dot1x dot1x system-auth-control dot1x port-control auto interface GigabitEthernet0/1 switchport mode access dot1x pae authenticator dot1x timeout reauth-period 3600 ! SW1# show authentication sessions interface GigabitEthernet0/1 Interface: GigabitEthernet0/1 MAC Address: Unknown IP Address: Unknown Status: Unauthorized Domain: DATA Oper host mode: single-host Session timeout: N/A Common Session ID: 0000000000000000000000 Acct Session ID: 0x00000000 Auth Method: dot1x SW1# show dot1x all summary Interface PAE Authenticator Supplicant Server Gi0/1 AUTH UNAUTHORIZED N/A N/A