Filter
Top Products
User Authentication
3-61
3
Web – Select Security, 802.1x, Configuration. Enable dot1x globally for the switch,
modify any of the parameters required, and then click Apply.
Figure 3-36 802.1X Configuration
CLI – This enables re-authentication and sets all of the global parameters for dot1x.
Configuring Port Authorization Mode
When dot1x is enabled, you need to specify the dot1x authentication mode
configured for each port.
Command Attributes
• Status – Indicates if authentication is enabled or disabled on the port.
• Operation Mode – Allows single or multiple hosts (clients) to connect to an
802.1X-authorized port. (Range: Single-Host, Multi-Host; Default: Single-Host)
• Max Count – The maximum number of hosts that can connect to a port when the
Multi-Host operation mode is selected. (Range: 1-1024; Default: 5)
• Mode – Sets the authentication mode to one of the following options:
- Auto – Requires a dot1x-aware client to be authorized by the authentication
server. Clients that are not dot1x-aware will be denied access.
- Force-Authorized – Forces the port to grant access to all clients, either
dot1x-aware or otherwise.
- Force-Unauthorized – Forces the port to deny access to all clients, either
dot1x-aware or otherwise.
• Authorized –
- Yes – Connected client is authorized.
- No – Connected client is not authorized.
- Blank – Displays nothing when dot1x is disabled on a port.
Console(config)#dot1x re-authentication 4-83
Console(config)#dot1x max-req 5 4-80
Console(config)#dot1x timeout quiet-period 40 4-83
Console(config)#dot1x timeout re-auth 5 4-84
Console(config)#dot1x timeout tx-period 40 4-84
Console(config)#authentication dot1x default radius 4-80
Console(config)#