10-68
Catalyst 3750 SwitchSoftware Configuration Guide
OL-8550-09
Chapter10 Configuring IEEE 802.1x Port-Based Authentication
Configuring 802.1x Authentication
Configuring Open1x
Beginning in privileged EXEC mode:
This example shows how to configure open 1x on a port:
Switch# configure terminal
Switch(config)# interface gigabitethernet1/0/1
Switch(config)# authentication control-direction both
Switch(config)# au ten tic at ion fallback profile1
Switch(config)# authentication host-mode multi-auth
Switch(config)# authentication open
Switch(config)# authentication order dot1x webauth
Switch(config)# authentication periodic
Switch(config)# authentication port-control auto
Disabling 802.1x Authentication on the Port
You can disable 802.1x authentication on the port by using the no dot1x pae interface configuration
command.
Beginning in privileged EXEC mode, follow these steps to disable 802.1x authentication on the port.
This procedure is optional.
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 interface interface-id Specify the port to be configured, and enter interface
configuration mode.
Step3 authentication control-direction {both | in} (Optional) Configure the port control as unidirectional or
bidirectional.
Step4 authentication fallback name (Optional) Configure a port to use web authentication as a
fallback method for clients that do not support 802.1x
authentication.
Step5 authentication host-mode [multi-auth |
multi-domain | multi-host | single-host]
(Optional) Set the authorization manager mode on a port.
Step6 authentication open (Optional) Enable or disable open access on a port.
Step7 authentication order [dot1x | mab] |
{webauth}
(Optional) Set the order of authentication methods used on a port.
Step8 authentication periodic (Optional) Enable or disable reauthentication on a port.
Step9 authentication port-control {auto |
force-authorized | force-un authorized}
(Optional) Enable manual control of the port authorization state.
Step10 show authentication (Optional) Verify your entries.
Step11 copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 interface interface-id Specify the port to be configured, and enter interface configuration mode.