1. Manuals
  2. Brands
  3. Computer Equipment
  4. Switch
  5. IBM
  6. Computer Equipment
  7. Switch

IBM 12.1(22)EA6 Configuring IEEE 802.1x Authentication Using a RADIUS Server, Enabling Periodic Re-Authentication

1 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 550
Download on canonical page 550 pages, 5.74 Mb
6-16
Cisco Systems IntelligentGigabit Ethernet Switch Modules for the IBMBladeCenter, Software Configuration Guide
24R9746
Chapter6 Configuring IEEE 802.1x Port-Based Authentication
Configuring IEEE 802.1x Authentication
Configuring IEEE 802.1x Authentication Using a RADIUS Server
Beginning in privileged EXEC mode, follow these steps to configure IEEE 802.1x authentication with a
RADIUS server. The procedure is optional.
This example shows how to configure IEEE 802.1x using a RADIUS server:
Switch# configure terminal
Switch(config)# interface gigabitethernet0/1
Switch(config-if)# dot1x reauthentication
Switch(config-if)# dot1x timeout reauth-period server
Enabling Periodic Re-Authentication
You can enable periodic IEEE 802.1x client re-authentication and specify how often it occurs. If you do
not specify a time period before enabling re-authentication, the number of seconds between
re-authentication attempts is 3600.
Beginning in privileged EXEC mode, follow these steps to enable periodic re-authentication of the client
and to configure the number of seconds between re-authentication attempts. This procedure is optional.
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 interface interface-id Specify the port to be configured, and enter interface configuration mode.
Step3 dot1x guest-vlan vlan-id Specify an active VLAN as an IEEE 802.1x guest VLAN. The range is 1
to 4094.
You can configure any active VLAN except an RSPAN VLAN, or a voice
VLAN as an IEEE 802.1x guest VLAN.
Step4 dot1x reauthentication Enable periodic re-authentication of the client, whi ch is disabled by
default.
Step5 dot1x timeout reauth-period {seconds |
server}
Set the number of seconds between re-authentication attempts.
The keywords have these meanings:
seconds—Sets the number of seconds from 1 to 65535; the default is
3600 seconds.
server—Sets the number of seconds as the value of the
Session-Timeout RADIUS attribute (Attribute[27]).
This command affects the behavior of the switch only if periodic
re-authentication is enabled.
Step6 end Return to privileged EXEC mode.
Step7 show dot1x interface interface-id Verify your IEEE 802.1x authentication configuration.
Step8 copy running-config startup-config (Optional) Save your entries in the configuration file.
MENU

Models

Contents