13-6
Cisco IE 2000 Switch Software Configuration Guide
OL-25866-01
Chapter 13 Configuring IEEE 802.1x Port-Based Authentication
Information About Configuring IEEE 802.1x Port-Based Authentication
Figure 13-4 Message Exchange During MAC Authentication Bypass
Authentication Manager

Port-Based Authentication Methods

Table 13-1 lists the authentication methods supported in these host modes:
Single host—Only one data or voice host (client) can be au thenticated on a port.
Multiple host—Multiple data hosts can be authenticated on the same port. (If a port becomes
unauthorized in multiple-host mode, the switch denies network access to all of the attached clients.)
Multidomain authentication (MDA)—Both a data device and voice device c an be authenticated on
the same switch port. The port is divided into a data domain and a voice domain.
Multiple authentication—Multiple hosts can authenticate on the data VLAN. This mode also allows
one client on the VLAN if a voice VLAN is configured.
141681
Client Switch
EAPOL Request/Identity
EAPOL Request/Identity
EAPOL Request/Identity
RADIUS Access/Request
RADIUS Access/Accept
Ethernet packet
Authentication
server
(RADIUS)