9-22
Cisco Catalyst Blade Switch 3130 for Dell Software Configuration Guide
OL-13270-01
Chapter9 Configuring IEEE 802.1x Port-Based Authentication
Configuring IEEE 802.1x Authentication
For example:
proxyacl# 10=permit ip any 10.0.0.0 255.0.0.0
proxyacl# 20=permit ip any 11.1.0.0 255.255.0.0
proxyacl# 30=permit udp any any eq syslog
proxyacl# 40=permit udp any any eq tftp
Note The proxyacl entry determines the type of allowed network access.
For more information, see the “Configuring Web Authentication” section on page9-42.

Web Authentication with Automatic MAC Check

You can use web authentication with automatic MAC check to authenticate a client that does not support
IEEE 802.1x or web browser functionality. This allows end hosts, such as printers, to automatically
authenticate by using the MAC address without any additional required configuration.
Web authentication with automatic MAC check only works in web authenticat ion standalone mode. You
cannot use this if web authentication is configured as a fallback to IEEE 802.1x authentication.
The MAC address of the device must be configured in the Acce ss Control Serv er (A CS) for the automa tic
MAC check to succeed. The automatic MAC check allows managed devices, such as printers, to skip
web authentication.
Note The interoperability of web authentication (with automatic MAC check) and IEEE 802.1x MAC
authentication configured on different ports of the same switch is not supported.
Configuring IEEE 802.1x Authentication
These sections contain this configuration information:
Default IEEE 802.1x Authentication Configuration, page 9-23
IEEE 802.1x Authentication Configuration Guidelines, page 9-24
Configuring IEEE 802.1x Authentication, page 9-26 (required)
Configuring the Switch-to-RADIUS-Server Communication, page9-28 (required)
Configuring the Host Mode, page 9-29 (optional)
Configuring Periodic Re-Authentication, page 9-30 (optional)
Manually Re-Authenticating a Client Connected to a Port, page9-30 (optional)
Changing the Quiet Period, page 9-31 (optional)
Changing the Switch-to-Client Retransmission Time, page9-31 (optional)
Setting the Switch-to-Client Frame-Retransmission Number, page9-32 (optional)
Setting the Re-Authentication Number, page9-33 (optional)
Configuring IEEE 802.1x Accounting, page 9-33 (optional)
Configuring a Guest VLAN, page9-34 (optional)
Configuring a Restricted VLAN, page 9-35 (optional)
Configuring the Inaccessible Authentication Bypass Feature, page9-37 (optional)