User Authentication
3-69
3
• The RADIUS server and 802.1X client support EAP. (The switch only supports
EAPOL in order to pass the EAP packets from the server to the client.)
• The RADIUS server and client also have to support the same EAP encryption
method for passing authentication messages – MD5, TLS, TTLS, PEAP. Native
support for these encryption methods is provided in Windows XP, and in Windows
2000 with Service Pack 4. To support these encryption methods in Windows 95
and 98, you can use the AEGIS dot1x client or other comparable client software.
Displaying 802.1X Global Settings
The 802.1X protocol provides client authentication.
Command Attributes
• 802.1X System Authentication Control – The global setting for 802.1X.
Web – Click Security, 802.1X, Information.
Figure 3-39 802.1X Global Information
CLI – This example shows the default global setting for 802.1X.
Console#show dot1x 4-90
Global 802.1X Parameters
system-auth-control: enable
802.1X Port Summary
Port Name Status Operation Mode Mode Authorized
1/1 disabled Single-Host ForceAuthorized n/a
1/2 disabled Single-Host ForceAuthorized n/a
.
.
.
802.1X Port Details
802.1X is disabled on port 1/1
.
.
.
802.1X is disabled on port 1/52
.
Console#