9-43
Cisco Catalyst Blade Switch 3130 for Dell Software Configuration Guide
OL-13270-01
Chapter9 Configuring IEEE 802 . 1x Port-Based Authentication Configuring IEEE 802.1x Authentication
Beginning in privileged EXEC mode, follow these steps to configure a port to use web authentication:
This example shows how to configure only web authentication on a switch port:
Switch# configure terminal
Switch(config)# ip admission name rule1 proxy http
Switch(config)# interface gigabitethernet1/0/1
Switch(config-if)# switchport mode access
Switch(config-if)# ip access-group policy1 in
Switch(config-if)# ip admission rule1
Switch(config-if)# end
Beginning in privileged EXEC mode, follow these steps to configure a switch port for IEEE 802.1x
authentication with web authentication as a fallback method:
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 ip admission name rule proxy http Define a web authentication rule.
Note The same rule cannot be used for both web authent ic ati on and
NAC Layer 2 IP validation. For more information, see the
Network Admission Control Software Configuration Guide on
Cisco.com.
Step3 interface interface-id Specify the port to be configured, and enter interface configuration
mode.
Step4 switchport mode access Set the port to access mode.
Step5 ip access-group access-list in Specify the default access control list to be applied to network traffic
before web authentication.
Step6 ip admission rule Apply an IP admission rule to the interface.
Step7 end Return to privileged EXEC mode.
Step8 show running-config interface
interface-id Verify your configuration.
Step9 copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 ip admission name rule proxy http Define a web authentication rule.
Step3 fallback profile fallback-profile Define a fallback profile to allow an IEEE 802.1x port to
authenticate a client by using web authentication.
Step4 ip access-group policy in Specify the default access control list to apply to network traffic
before web authentication.
Step5 ip admission rule Associate an IP admission rule with the profile, and specify that
a client connecting by web authentication uses this rule.
Step6 end Return to privileged EXEC mode.
Step7 interface interface-id Specify the port to be configured, and enter interface
configuration mode.
Step8 switchport mode access Set the port to access mode.