Configuring
Configuring Switch Ports as 802.1x Authenticators
| 1. Enable 802.1x Authentication on Selected Ports |
| This task configures the individual ports you want to operate as 802.1x |
| authenticators for |
| (Actual 802.1x operation does not commence until you perform step 5 on page |
| |
|
|
Note | When you enable 802.1x authentication on a port, the switch automatically disables |
| LACP on that port. However, if the port is already operating in an LACP trunk, you |
| must remove the port from the trunk before you can configure it for 802.1x authen- |
| tication. |
| Syntax: aaa |
| |
| Enables specified ports to operate as 802.1x authenti |
| cators with current per- port authenticator configura |
| tion. To activate configured 802.1x operation, you |
| must enable 802.1x authentication. Refer to "5. Enable |
| 802.1x Authentication on the switch" on page |
| [control < authorized auto unauthorized >] |
| Controls authentication mode on the specified port: |
| auto (the default): The device connected to the port must |
| support 802.1x authentication and provide valid |
| credentials in order to get network access. (You |
| have the option of using the Open VLAN mode to |
| provide a path for clients without 802.1x |
| supplicant software to download this software and |
| begin the authentication process. Refer to “802.1x |
| |
| authorized: Also termed Force Authorized. Grants access |
| to any device connected to the port. In this case, the |
| device does not have to provide 802.1x credentials |
| or support 802.1x authentication. (However, you |
| can still configure console, Telnet, or SSH security |
| on the port.) |
| unauthorized: Also termed Force Unauthorized. Do not |
| grant access to the network, regardless of whether |
| the device provides the correct credentials and has |
| 802.1x support. In this state, the port blocks access |
| to any connected device. |