User Authentication
3-473
Web – Select Security, 802.1X, Configuration. Enable dot1x globally for the switch,
modify any of the parameters required, and then click Apply.
Figure3-27 802.1X Configuration
CLI
– This enables re-authentication and sets all of the global parameters for 802.1X
.
Configuring Port Authorization ModeWhen dot1x is enabled, you need to specify the dot1x authentication mode
configured for each port.
Command Attributes
•Status – Indicates if authentication is enabled or disabled on the port.
•Operation Mode – Allows single or multiple hosts (clients) to connect to an
802.1X-authorized port. (Range: Single-Host, Multi-Host; Default: Single-Host)
•Max Count – The maximum number of hosts that can connect to a port when the
Multi-Host operation mode is selected. (Range: 1-20; Default: 5)
•Mode – Sets the authentication mode to one of the following options:
-Auto – Requires a dot1x-aware client to be authorized by the authentication
server. Clients that are not dot1x-aware will be denied access.
-Force-Authorized – Forces the port to grant access to all clients, either
dot1x-aware or otherwise.
-Force-Unauthorized – Forces the port to deny access to all clients, either
dot1x-aware or otherwise.
Console(config)#dot1x re-authentication 4-82
Console(config)#dot1x max-req 5 4-79
Console(config)#dot1x timeout quiet-period 40 4-82
Console(config)#dot1x timeout re-authperiod 5 4-83
Console(config)#dot1x timeout tx-period 40 4-83
Console(config)#authentication dot1x default radius 4-79
Console(config)#