Cisco Systems 3750-X Switch User Manual


  Open as PDF
of 1438
 
11-2
Catalyst 3750-X and 3560-X Switch Software Configuration Guide
OL-21521-01
Chapter 11 Configuring IEEE 802.1x Port-Based Authentication
Understanding IEEE 802.1x Port-Based Authentication
Until the client is authenticated, IEEE 802.1x access control allows only Extensible Authentication
Protocol over LAN (EAPOL), Cisco Discovery Protocol (CDP), and Spanning Tree Protocol (STP)
traffic through the port to which the client is connected. After authentication is successful, normal traffic
can pass through the port.
These sections describe IEEE 802.1x port-based authentication:
Device Roles, page 11-3
Authentication Process, page 11-4
Authentication Initiation and Message Exchange, page 11-6
Authentication Manager, page 11-8
Ports in Authorized and Unauthorized States, page 11-10
802.1x Authentication and Switch Stacks, page 11-11
802.1x Host Mode, page 11-12
MAC Move, page 11-13
802.1x Accounting, page 11-13
802.1x Accounting Attribute-Value Pairs, page 11-13
802.1x Multiple Authentication Mode, page 11-12
802.1x Readiness Check, page 11-14
802.1x Authentication with Per-User ACLs, page 11-16
802.1x Authentication with Guest VLAN, page 11-19
802.1x Authentication with Restricted VLAN, page 11-20
802.1x Authentication with Inaccessible Authentication Bypass, page 11-20
802.1x Authentication with Downloadable ACLs and Redirect URLs, page 11-17
VLAN ID-based MAC Authentication, page 11-18
IEEE 802.1x Authentication with Voice VLAN Ports, page 11-23
IEEE 802.1x Authentication with Port Security, page 11-24
IEEE 802.1x Authentication with Wake-on-LAN, page 11-24
IEEE 802.1x Authentication with MAC Authentication Bypass, page 11-25
802.1x User Distribution, page 11-22
Network Admission Control Layer 2 IEEE 802.1x Validation, page 11-26
Multidomain Authentication, page 11-27
Flexible Authentication Ordering, page 11-27
Open1x Authentication, page 11-27
802.1x Supplicant and Authenticator Switches with Network Edge Access Topology (NEAT),
page 11-29
Voice Aware 802.1x Security, page 11-30
Common Session ID, page 11-30
Understanding Media Access Control Security and MACsec Key Agreement, page 11-31
 previous next