9-18
Catalyst 2960 Switch SoftwareConfiguration Guide
78-16881-01
Chapter9 Configuring IEEE 802.1x Port-Based Authentication
Configuring IEEE 802.1x Authentication
Note You should change the default value of this command only to adjust for unusual circumstances such a s
unreliable links or specific behavioral problems with certain clients and authentication servers.
Beginning in privileged EXEC mode, follow these steps to set the re-authentication number. This
procedure is optional.
To return to the default re-authentication number, use the no dot1x max-reauth-req interface
configuration command.
This example shows how to set 4 as the number of times that the switch restarts the authentication
process before the port changes to the unauthorized state:
Switch(config-if)# dot1x max-reauth-req 4
Configuring the Host Mode
Beginning in privileged EXEC mode, follow these steps to allow multiple hosts (clients) on an IEEE
802.1x-authorized port that has the dot1x port-control interface configuration command set to auto.
This procedure is optional.
To disable multiple hosts on the port, use the no dot1x host-mode multi-host interface configuration
command.
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 interface interface-id Specify the port to be configured, and enter interface configuration mode.
Step3 dot1x max-reauth-req count Set the number of times that the switch restarts the authentication process
before the port changes to the unauthorized state. The range is 1 to 10; the
default is 2.
Step4 end Return to privileged EXEC mode.
Step5 show dot1x interface interface-id Verify your entries.
Step6 copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 interface interface-id Specify the port to which multiple hosts are indirectly attached, and enter
interface configuration mode.
Step3 dot1x host-mode multi-host Allow multiple hosts (clients) on an IEEE 802.1x-authorized port.
Make sure that the dot1x port-control interface configuration command
set is set to auto for the specified interface.
Step4 end Return to privileged EXEC mode.
Step5 show dot1x interface interface-id Verify your entries.
Step6 copy running-config startup-config (Optional) Save your entries in the configuration file.