Support User Manuals

Cisco Systems 2960 Model Vehicle User Manual

Open as PDF

of 1004

10-36

Catalyst 2960 and 2960-S Switch Software Configuration Guide

OL-8603-09

Chapter 10 Configuring IEEE 802.1x Port-Based Authentication

Configuring 802.1x Authentication

1w0d: %MAB-5-SUCCESS: Authentication successful for client (0000.0000.0203) on Interface

Fa4/0/4 AuditSessionID 160000050000000B288508E5

1w0d: %AUTHMGR-7-RESULT: Authentication result 'success' from 'mab' for client

(0000.0000.0203) on Interface Fa4/0/4 AuditSessionID 160000050000000B288508E5

The session ID is used by the NAD, the AAA server, and other report-analyzing applications to identify

the client. The ID appears automatically. No configuration is required.

Configuring 802.1x Authentication

These sections contain this configuration information:

• Default 802.1x Authentication Configuration, page 10-37

• 802.1x Authentication Configuration Guidelines, page 10-38

• Configuring 802.1x Readiness Check, page 10-40 (optional)

• Configuring Voice Aware 802.1x Security, page 10-41 (optional)

• Configuring 802.1x Violation Modes, page 10-43 (optional)

• Configuring the Switch-to-RADIUS-Server Communication, page 10-45 (required)

• Configuring the Host Mode, page 10-46 (optional)

• Configuring Periodic Re-Authentication, page 10-48 (optional)

• Manually Re-Authenticating a Client Connected to a Port, page 10-49 (optional)

• Changing the Quiet Period, page 10-49 (optional)

• Changing the Switch-to-Client Retransmission Time, page 10-50 (optional)

• Setting the Switch-to-Client Frame-Retransmission Number, page 10-50 (optional)

• Setting the Re-Authentication Number, page 10-51 (optional)

• Configuring 802.1x Accounting, page 10-53 (optional)

• Enabling MAC Move, page 10-52 (optional)

• Enabling MAC Replace, page 10-52 (optional)

• Configuring a Guest VLAN, page 10-54 (optional)

• Configuring a Restricted VLAN, page 10-55 (optional)

• Configuring the Inaccessible Authentication Bypass Feature, page 10-57 (optional)

• Configuring 802.1x Authentication with WoL, page 10-60 (optional)

• Configuring MAC Authentication Bypass, page 10-61 (optional)

• Configuring NAC Layer 2 802.1x Validation, page 10-63 (optional)

• Configuring an Authenticator and a Supplicant Switch with NEAT, page 10-64

• Configuring 802.1x Authentication with Downloadable ACLs and Redirect URLs, page 10-65

• Configuring Flexible Authentication Ordering, page 10-68

• Disabling 802.1x Authentication on the Port, page 10-70 (optional)

• Resetting the 802.1x Authentication Configuration to the Default Values, page 10-70 (optional)

previous next