10-60
Catalyst 3750 SwitchSoftware Configuration Guide
OL-8550-09
Chapter10 Configuring IEEE 802.1x Port-Based Authentication
Configuring 802.1x Authentication
Configuring MAC Authentication Bypass
Beginning in privileged EXEC mode, follow these steps to enable MAC authentication bypass. This
procedure is optional.
To disable MAC authentication bypass, use the no mab interface configuration command.
This example shows how to enable MAC authentication bypass:
Switch(config-if)# mab
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 interface interface-id Specify the port to be configured, and enter interface configuration mode.
For the supported port types, see the “802.1x Authentication
Configuration Guidelines” section on page10-38.
Step3 authentication port-control auto
or
dot1x port-control auto
Enable 802.1x authentication on the port.
Step4 mab [eap | timeout activity {value}] Enable MAC authentication bypass.
(Optional) Use the eap keyword to configure the switch to use EAP for
authorization.
(Optional) Use the timeout activity keywords to configured the number
of seconds that a connected host can be inactive before it is placed in an
unauthorized state. The range is 1 to 65535.
You must enable port security before configuring a timeout value. For
more information, see the “Configuring Port Security” section on
page 25-9.
Step5 end Return to privileged EXEC mode.
Step6 show authentication interface-id
or
show dot1x interface interface-id
Verify your entries.
Step7 copy running-config startup-config (Optional) Save your entries in the configuration file.