Table of Contents
Configuring Switch Ports To Operate As Supplicants for 802.1X Connections to Other Switches
4.
The RADIUS server then analyzes the response and sends either a "suc-
cess" or "failure" packet back through switch "B" to port A1.
•
A "success" response unblocks port B5 to normal traffic from port A1.
•
A "failure" response continues the block on port B5 and causes port
A1 to wait for the "held-time" period before trying again to achieve
authentication through port B5.
Supplicant Port Configuration
Enabling a Switch Port as a Supplicant. You can configure a switch port
as a supplicant for a point-to-point link to an 802.1X-aware port on another
switch. Configure the port as a supplicant before configuring any suppli-
cant-related parameters.
Syntax: [no] aaa port-access supplicant [ethernet] < port-list >
Configures a port as a supplicant with either the default supp-
licant settings or any previously configured supplicant
settings, whichever is most recent. The "no" form of the
command disables supplicant operation on the specified
ports.
Configuring a Supplicant Switch Port. You must enable supplicant oper-
ation on a port before changing the supplicant configuration. This means you
must execute the supplicant command once without any other parameters,
then execute it again with a supplicant parameter you want to configure. If
the intended authenticator port uses RADIUS authentication, then use the
identity and secret options to configure the RADIUS-expected credentials on
the supplicant port. If the intended authenticator port uses Local 802.1X
authentication, then use the identity and secret options to configure the
authenticator switch's local username and password on the supplicant port.
Syntax: aaa port-access supplicant [ethernet] < port-list >
To enable supplicant operation on the designated ports,
execute this command without any other parameters.
After doing this, you can use the command again with the
following parameters to configure supplicant opertion.
(Use one instance of the command for each parameter you
want to configure The no form disables supplicant opera-
tion on the designated port(s).
Configuring Port-Based and Client-Based Access Control (802.1X)
9-47
Table of Contents
