Contents
xii
Catalyst 3750-X and 3560-X Switch Software Configuration Guide
OL-21521-01
802.1x Authentication with Downloadable ACLs and Redirect URLs 11-17
Cisco Secure ACS and Attribute-Value Pairs for the Redirect URL 11-17
Cisco Secure ACS and Attribute-Value Pairs for Downloadable ACLs 11-18
VLAN ID-based MAC Authentication 11-18
802.1x Authentication with Guest VLAN 11-19
802.1x Authentication with Restricted VLAN 11-20
802.1x Authentication with Inaccessible Authentication Bypass 11-20
Support on Multiple-Authentication Ports 11-21
Authentication Results 11-21
Feature Interactions 11-21
802.1x User Distribution 11-22
802.1x User Distribution Configuration Guidelines 11-23
IEEE 802.1x Authentication with Voice VLAN Ports 11-23
IEEE 802.1x Authentication with Port Security 11-24
IEEE 802.1x Authentication with Wake-on-LAN 11-24
IEEE 802.1x Authentication with MAC Authentication Bypass 11-25
Network Admission Control Layer 2 IEEE 802.1x Validation 11-26
Flexible Authentication Ordering 11-27
Open1x Authentication 11-27
Multidomain Authentication 11-27
802.1x Supplicant and Authenticator Switches with Network Edge Access Topology (NEAT) 11-29
Guidelines 11-29
Voice Aware 802.1x Security 11-30
Common Session ID 11-30
Understanding Media Access Control Security and MACsec Key Agreement 11-31
MKA Policies 11-32
Virtual Ports 11-32
MACsec and Stacking 11-32
MACsec, MKA and 802.1x Host Modes 11-33
MKA Statistics 11-34
Configuring 802.1x Authentication 11-34
Default 802.1x Authentication Configuration 11-35
802.1x Authentication Configuration Guidelines 11-36
802.1x Authentication 11-36
VLAN Assignment, Guest VLAN, Restricted VLAN, and Inaccessible Authentication
Bypass 11-37
MAC Authentication Bypass 11-38
Maximum Number of Allowed Devices Per Port 11-38
Configuring 802.1x Readiness Check 11-38
Configuring Voice Aware 802.1x Security 11-39