8-36
Configuring Port-Based Access Control (802.1X)
Configuring Switch Ports To Operate As Supplicants for 802.1X Connections to Other Switches
Configuring a Supplicant Switch Port. Note that you must enable suppli-
cant operation on a port before you can change the supplicant configuration.
This means you must execute the supplicant command once without any other
parameters, then execute it again with a supplicant parameter you want to
configure. If the intended authenticator port uses RADIUS authentication,
then use the identity and secret options to configure the RADIUS-expected
username and password on the supplicant port. If the intended authenticator
port uses Local 802.1X authentication, then use the identity and secret options
to configure the authenticator switch’s local username and password on the
supplicant port.
Syntax: aaa port-access supplicant [ethernet] < port-list >
To enable supplicant operation on the designated ports,
execute this command without any other parameters.
After doing this, you can use the command again with
the following parameters to configure supplicant oper-
tion. (Use one instance of the command for each
parameter you want to configure The no form disables
supplicant operation on the designated port(s).
[identity < username >]
Sets the username and password to pass to the authen-
ticator port when a challenge-request packet is received
from the authenticator port in response to an authen-
tication request. If the intended authenticator port is
configured for RADIUS authentication, then < user-
name > and < password > must be the username and
password expected by the RADIUS server. If the
intended authenticator port is configured for Local
authentication, then < username > and < password >
must be the username and password configured on the
Authenticator switch. (Defaults: Null)
[secret]
Enter secret: < password >
Repeat secret: < password >
Sets the secret password to be used by the port suppli-
cant when an MD5 authentication request is received
from an authenticator. The switch prompts you to enter
the secret password after the command is invoked.