Configuring Port-Based and User-Based Access Control (802.1X)

Configuring Switch Ports as 802.1X Authenticators

N o t e

If you want to implement the optional port security feature (step 7) on the switch, you should first ensure that the ports you have configured as 802.1X authenticators operate as expected.

7.If you are using Port Security on the switch, configure the switch to allow only 802.1X access on ports configured for 802.1X operation, and (if desired) the action to take if an unauthorized device attempts access through an 802.1X port. Refer to page 10-45.

8.If you want a port on the switch to operate as a supplicant on a port operating as an 802.1X authenticator on another device, then configure the supplicant operation. (Refer to “Configuring Switch Ports To Operate As Supplicants for 802.1X Connections to Other Switches” on page 10-47.)

Configuring Switch Ports as 802.1X Authenticators

802.1X Authentication Commands

Page

 

 

[no] aaa port-access authenticator < port-list>

10-19

[auth-vid clear-statistics client-limit control max-requests

10-19

initialize logoff-period quiet-period server-timeout

 

reauthenticate reauth-period supplicant-timeout tx-period

 

unauth-period unauth-vid]

 

aaa authentication port-access

10-24

< local eap-radius chap-radius >

 

[no] aaa port-access authenticator active

10-18

aaa port-access <port-list> controlled-directions <both in>

10-26

[no] port-security [ethernet] < port-list> learn-mode port-access

10-45

802.1X Open VLAN Mode Commands

10-29

802.1X Supplicant Commands

10-47

802.1X-Related Show Commands

10-51

RADIUS server configuration

10-25

 

 

10-18