6-11
Cisco Systems IntelligentGigabit Ethernet Switch Modules for the IBM BladeCenter, Software Configuration Guide
24R9746
Chapter6 Configuring IEEE 802 .1x Port-Based Authentication
Configuring IEEE 802.1x Authentication
Configuring IEEE 802.1x AuthenticationThese sections describe how to configure IEEE 802.1x port-based authen tication on your switch:
•Default IEEE 802.1x Configuration, page 6-11
•IEEE 802.1x Configuration Guidelines, page 6-12
•Enabling IEEE 802.1x Authentication, page 6-13 (r equired)
•Configuring the Switch-to-RADIUS-Server Communication, page 6-14 (required)
•Enabling Periodic Re-Authentication, page 6-16 (optio nal)
•Manually Re-Authenticating a Client Connected to a Port, page 6-17 (optional)
•Changing the Quiet Period, page 6-17 (optional)
•Changing the Switch-to-Client Retransmission Time, page 6-18 (optional)
•Setting the Switch-to-Client Frame-Retransmission Number, page 6-19 (optional)
•Configuring the Host Mode, page 6-20 (optional)
•Configuring a Guest VLAN, page 6-20 (optional)
•Resetting the IEEE 802.1x Configuration to the Default Values, page 6-22 (optional)
•Configuring IEEE 802.1x Authentication, page 6-22 (optional)
•Configuring IEEE 802.1x Accounting, page 6-24 (optional)
Default IEEE 802.1x Configuration
Table 6 -2 shows the default IEEE 802.1x configuration.
Table6-2 Default IEEE 802.1x Configuration
Feature Default Setting
AAA Disabled.
RADIUS server
•IP address
•UDP authentication port
•Key
•None specified.
•1812.
•None specified.
Switch IEEE 802.1x enable state Disabled.
Per-interface IEEE 802.1x enable state Disabled (force-authorized).
The port sends and receives normal traffic without IEEE
802.1x-based authentication of the client.
Periodic re-authentication Disabled.
Number of seconds between
re-authentication attempts
3600 seconds.
Quiet period 60 seconds (number of seconds that the switch remains in
the quiet state following a failed authentication exchange
with the client).