Filter
Top Products
Configuring 802.1X Port Authentication
14-2
14
The operation of dot1x on the switch requires the following:
• The switch must have an IP address assigned.
• The IP address of the RADIUS server must be specified.
• 802.1X must be enabled globally for the switch.
• Each switch port that will be used must be set to dot1x “Auto” mode.
• Each client that needs to be authenticated must have dot1x client software
installed and properly configured.
• The RADIUS server and 802.1X client support EAP. (The switch only supports
EAPOL in order to pass the EAP packets from the server to the client.)
• The RADIUS server and client also have to support the same EAP authentication
type – MD5. (Some clients have native support in Windows, otherwise the dot1x
client must support it.)
Displaying 802.1X Global Settings
The 802.1X protocol provides port authentication.
Command Attributes
802.1X System Authentication Control – The global setting for 802.1X.
Web – Click Security, 802.1X, Information.
Figure 14-1 802.1X Global Information
CLI – This example shows the default global setting for 802.1X.
Console#show dot1x 43-6
Global 802.1X Parameters
system-auth-control: enable
802.1X Port Summary
Port Name Status Operation Mode Mode Authorized
1/1 disabled Single-Host ForceAuthorized n/a
1/2 disabled Single-Host ForceAuthorized n/a
.
.
.
802.1X Port Details
802.1X is disabled on port 1/1
.
.
.
802.1X is disabled on port 24
Console#