Support User Manuals

Cisco Systems 2940 Switch User Manual

Open as PDF

of 444

8-15

Catalyst 2940 Switch Software Configuration Guide

78-15507-02

Chapter 8 Configuring 802.1X Port-Based Authentication

Configuring 802.1X Authentication

With the multiple-hosts mode enabled, you can use 802.1X to authenticate the port and port security to

manage network access for all MAC addresses, including that of the client (for switches running the EI).

Beginning in privileged EXEC mode, follow these steps to allow multiple hosts (clients) on an

802.1X-authorized port that has the dot1x port-control interface configuration command set to auto.

This procedure is optional.

To disable multiple hosts on the port, use the no dot1x host-mode multi-host interface configuration

command.

This example shows how to enable Fast Ethernet interface 0/1 to allow multiple hosts:

Switch(config)# interface fastethernet0/1

Switch(config-if)# dot1x port-control auto

Switch(config-if)# dot1x host-mode multi-host

Resetting the 802.1X Configuration to the Default Values

Beginning in privileged EXEC mode, follow these steps to reset the 802.1X configuration to the default

values.

Command Purpose

Step 1

configure terminal Enter global configuration mode.

Step 2

interface interface-id Enter interface configuration mode, and specify the interface to which

multiple hosts are indirectly attached.

Step 3

dot1x host-mode multi-host Allow multiple hosts (clients) on an 802.1X-authorized port.

Make sure that the dot1x port-control interface configuration command

set is set to auto for the specified interface.

Step 4

end Return to privileged EXEC mode.

Step 5

show dot1x interface interface-id Verify your entries.

Step 6

copy running-config startup-config (Optional) Save your entries in the configuration file.

Command Purpose

Step 1

configure terminal Enter global configuration mode.

Step 2

interface interface-id Enter interface configuration mode, and specify the interface to be

configured.

Step 3

dot1x default Reset the configurable 802.1X parameters to the default values.

Step 4

end Return to privileged EXEC mode.

Step 5

show dot1x interface interface-id Verify your entries.

Step 6

copy running-config startup-config (Optional) Save your entries in the configuration file.

previous next