Filter
Top Products
13-47
Cisco IE 2000 Switch Software Configuration Guide
OL-25866-01
Chapter 13 Configuring IEEE 802.1x Port-Based Authentication
How to Configure IEEE 802.1x Port-Based Authentication
Configuring an Authenticator and Supplicant
You can also use an Auto Smartports user-defined macro instead of the switch VSA to configure the
authenticator switch. For information, see the
“Configuring Smartports Macros” chapter.
Configuring an Authenticator
Before You Begin
One switch outside a wiring closet must be configured as a supplicant and be connected to an
authenticator switch.
Note The cisco-av-pairs must be configured as device-traffic-class=switch on the ACS, which sets the
interface as a trunk after the supplicant is successfully authenticated.
Configuring a Supplicant Switch with NEAT
Step 7
show authentication interface
interface-id
Verifies your 802.1x authentication configuration.
Step 8
copy running-config startup-config (Optional) Saves your entries in the configuration file.
Command Purpose
Command Purpose
Step 1
configure terminal Enters global configuration mode.
Step 2
cisp enable Enables CISP.
Step 3
interface interface-id Specifies the port to be configured, and enters interface configuration
mode.
Step 4
switchport mode access Sets the port mode to access.
Step 5
authentication port-control auto Sets the port-authentication mode to auto.
Step 6
dot1x pae authenticator Configures the interface as a port access entity (PAE) authenticator.
Step 7
spanning-tree portfast Enables Port Fast on an access port connected to a single workstation or
server.
Step 8
end Returns to privileged EXEC mode.
Step 9
show running-config interface
interface-id
Verifies your configuration.
Step 10
copy running-config startup-config (Optional) Saves your entries in the configuration file.
Command Purpose
Step 1
configure terminal Enters global configuration mode.
Step 2
cisp enable Enables CISP.