6-16
Cisco Systems IntelligentGigabit Ethernet Switch Modules for the IBMBladeCenter, Software Configuration Guide
24R9746
Chapter6 Configuring IEEE 802.1x Port-Based Authentication
Configuring IEEE 802.1x Authentication
Configuring IEEE 802.1x Authentication Using a RADIUS Server
Beginning in privileged EXEC mode, follow these steps to configure IEEE 802.1x authentication with a
RADIUS server. The procedure is optional.
This example shows how to configure IEEE 802.1x using a RADIUS server:
Switch# configure terminal
Switch(config)# interface gigabitethernet0/1
Switch(config-if)# dot1x reauthentication
Switch(config-if)# dot1x timeout reauth-period server
Enabling Periodic Re-Authentication
You can enable periodic IEEE 802.1x client re-authentication and specify how often it occurs. If you do
not specify a time period before enabling re-authentication, the number of seconds between
re-authentication attempts is 3600.
Beginning in privileged EXEC mode, follow these steps to enable periodic re-authentication of the client
and to configure the number of seconds between re-authentication attempts. This procedure is optional.
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 interface interface-id Specify the port to be configured, and enter interface configuration mode.
Step3 dot1x guest-vlan vlan-id Specify an active VLAN as an IEEE 802.1x guest VLAN. The range is 1
to 4094.
You can configure any active VLAN except an RSPAN VLAN, or a voice
VLAN as an IEEE 802.1x guest VLAN.
Step4 dot1x reauthentication Enable periodic re-authentication of the client, whi ch is disabled by
default.
Step5 dot1x timeout reauth-period {seconds |
server}
Set the number of seconds between re-authentication attempts.
The keywords have these meanings:
seconds—Sets the number of seconds from 1 to 65535; the default is
3600 seconds.
server—Sets the number of seconds as the value of the
Session-Timeout RADIUS attribute (Attribute[27]).
This command affects the behavior of the switch only if periodic
re-authentication is enabled.
Step6 end Return to privileged EXEC mode.
Step7 show dot1x interface interface-id Verify your IEEE 802.1x authentication configuration.
Step8 copy running-config startup-config (Optional) Save your entries in the configuration file.