Chapter 9
Configuring IEEE 802.1x Port-Based Authentication
Configuring IEEE 802.1x Authentication
These sections describe how to configure IEEE 802.1x port-based authentication on your switch:
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Default IEEE 802.1x Configuration
Table 9-2
Table 9-2
Feature
AAA
RADIUS server
•
•
•
Switch IEEE 802.1x enable state
Per-interface IEEE 802.1x enable state
Periodic re-authentication
Number of seconds between
re-authentication attempts
78-11380-12
Default IEEE 802.1x Configuration, page 9-11
IEEE 802.1x Configuration Guidelines, page 9-12
Upgrading from a Previous Software Release, page 9-13
Enabling IEEE 802.1x Authentication, page 9-14
Configuring the Switch-to-RADIUS-Server Communication, page 9-15
Enabling Periodic Re-Authentication, page 9-17
Manually Re-Authenticating a Client Connected to a Port, page 9-18
Changing the Quiet Period, page 9-18
Changing the Switch-to-Client Retransmission Time, page 9-19
Setting the Switch-to-Client Frame-Retransmission Number, page 9-19
Configuring the Host Mode, page 9-20
Configuring a Guest VLAN, page 9-21
Resetting the IEEE 802.1x Configuration to the Default Values, page 9-22
Configuring IEEE 802.1x Authentication, page 9-23
Configuring IEEE 802.1x Accounting, page 9-24
shows the default IEEE 802.1x configuration.
Default IEEE 802.1x Configuration
IP address
UDP authentication port
Key
(required)
(optional)
(optional)
(optional)
(optional)
(optional)
(optional)
Default Setting
Disabled.
None specified.
•
1812.
•
None specified.
•
Disabled.
Disabled (force-authorized).
The port sends and receives normal traffic without IEEE
802.1x-based authentication of the client.
Disabled.
3600 seconds.
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
Configuring IEEE 802.1x Authentication
(required)
(optional)
(optional)
(optional)
(optional)
9-11