Cisco Systems 4500 Switch User Manual


40-51
Software Configuration Guide—Release 15.0(2)SG
OL-23818-01
Chapter 40 Configuring 802.1X Port-Based Authentication
Step 11
  Command: Switch(config)# end
  Purpose: Returns to privileged EXEC mode.
Step 12
  Command: Switch# show ip device tracking {all | interface interface-id | ip ip-address | mac mac-address}
  Purpose: Displays information about the entries in the IP device tracking table.
Step 13
  Command: Switch# copy running-config startup-config
  Purpose: (Optional) Saves your entries in the configuration file.

The following example illustrates how to configure a switch for downloadable policy:
Switch# config terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# aaa new-model
Switch(config)# aaa authorization network default local
Switch(config)# ip device tracking
Switch(config)# ip access-list extended default_acl
Switch(config-ext-nacl)# permit ip any any
Switch(config-ext-nacl)# exit
Switch(config)# int fastEthernet 2/13
Switch(config-if)# ip access-group default_acl in
Switch(config-if)# exit

Configuring RADIUS-Provided Session Timeouts
You can configure the Catalyst 4500 series switch to use a RADIUS-provided reauthentication timeout.
To configure RADIUS-provided timeouts, perform this task:

Step 1
  Command: Switch# configure terminal
  Purpose: Enters global configuration mode.
Step 2
  Command: Switch(config)# interface interface-id
  Purpose: Enters interface configuration mode.
Step 3
  Command: Switch(config-if)# switchport mode access
  Purpose: Specifies a nontrunking, nontagged single VLAN Layer 2 interface.
Step 4
  Command: Switch(config-if)# dot1x pae authenticator
  Purpose: Enables 802.1X authentication on the port with default parameters.
           Refer to the "Default 802.1X Configuration" section on page 40-27.
Step 5
  Command (Cisco IOS Release 12.2(50)SG and later): Switch(config-if)# authentication timer reauthenticate {interface | server}
  Command (Cisco IOS Release 12.2(46)SG or earlier releases): Switch(config-if)# dot1x timeout reauth-attempts {interface | server}
  Purpose: Sets the reauthentication period (seconds).
Step 6
  Command: Switch(config-if)# end
  Purpose: Returns to privileged EXEC mode.
Step 7
  Command: Switch# show dot1x interface interface-id details
  Purpose: Verifies your entries.
Step 8
  Command: Switch# copy running-config startup-config
  Purpose: (Optional) Saves your entries in the configuration file.
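
An added example, not from the Cisco guide: a Python check over a saved running-config that reports 802.1X authenticator ports missing any of the interface commands from Steps 3 to 5, using the Cisco IOS Release 12.2(50)SG and later form of Step 5 with the server keyword. The sample configuration, its interface names and the fixed 3600 value are constructed for illustration.

```python
import re

# Interface-level commands from Steps 3-5 (Release 12.2(50)SG and later form).
REQUIRED = {
    "access_mode": re.compile(r"^switchport mode access$"),
    "authenticator": re.compile(r"^dot1x pae authenticator$"),
    "radius_timer": re.compile(r"^authentication timer reauthenticate server$"),
}

def parse_interfaces(config_text):
    """Map each interface name to the list of commands in its stanza."""
    interfaces, current = {}, None
    for raw in config_text.splitlines():
        line = raw.rstrip()
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            interfaces[current] = []
        elif current is not None and line.startswith(" "):
            interfaces[current].append(line.strip())
        else:
            current = None  # "!" or a global command closes the stanza
    return interfaces

def audit(config_text):
    """Return {interface: [missing checks]} for ports acting as 802.1X authenticators."""
    findings = {}
    for name, cmds in parse_interfaces(config_text).items():
        if not any(REQUIRED["authenticator"].match(c) for c in cmds):
            continue  # not an 802.1X port, so out of scope for this check
        missing = [k for k, rx in REQUIRED.items() if not any(rx.match(c) for c in cmds)]
        if missing:
            findings[name] = missing
    return findings

# Constructed sample: 2/13 follows the procedure, 2/14 does not use the server keyword.
SAMPLE = """\
interface FastEthernet2/13
 switchport mode access
 dot1x pae authenticator
 authentication timer reauthenticate server
!
interface FastEthernet2/14
 switchport mode access
 dot1x pae authenticator
 authentication timer reauthenticate 3600
!
interface FastEthernet2/15
 switchport mode trunk
!
"""

if __name__ == "__main__":
    for port, missing in audit(SAMPLE).items():
        print(f"{port}: missing {', '.join(missing)}")
```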