Configuring 802.1X Quick Steps for Configuring 802.1X
OmniSwitch 6600 Family Network Configuration Guide April 2006 page 22-3
Quick Steps for Configuring 802.1X
1 Configure the port as a mobile port and an 802.1X port using the following vlan port commands:
-> vlan port mobile 3/1
-> vlan port 3/1 802.1x enable
The port is set up automatically with 802.1X defaults. See “802.1X Defaults” on page 22-2 for informa-
tion about the defaults. For more information about vlan port commands, see Chapter 7, “Assigning Ports
to VLANs.”
2 Configure the RADIUS server to used for port authentication.
-> aaa radius-server rad1 host 10.10.2.1 timeout 25
See Chapter 20, “Managing Authentication Servers,”for more information about configuring RADIUS
authentication servers for 802.1X authentication.
Note. If 802.1X users will be authenticating into an authenticated VLAN, the VLAN must be configured
with the vlan authentication command. For information about configuring VLANs with authentication,
see Chapter 4, “Configuring VLANs.”
3 Associate the RADIUS server (or servers) with authentication for 802.1X ports.
-> aaa authentication 802.1x rad1
4 (Optional) Associate the server (or servers) to be used for accounting (logging) 802.1X sessions. For
example:
-> aaa accounting 802.1x rad2 ldap3 local
5 (Optional) Configure port-access control parameters for the 802.1X port using the 802.1x command.
-> 802.1x 3/1 quiet-period 45 max-req 3
6 (Optional) Configure the number of times supplicant devices are polled for identification using the
802.1x supp-polling retry command.
-> 802.1x 3/1 supp-polling retry 10
Note. Verify the 802.1X port configuration using the show 802.1x command:
-> show 802.1x 1/13
802.1x configuration for slot 1 port 13:
direction = both,
operational directions = both,
port-control = auto,
quiet-period (seconds) = 60,
tx-period (seconds) = 30,
supp-timeout (seconds) = 30,
server-timeout (seconds) = 30,
max-req = 2,
re-authperiod (seconds) = 3600,
reauthentication = no
Supplicant polling retry count = 2